Business continuity management (BCM) is a holistic process to ensure uninterrupted availability of all essential business resources required to support critical business activities, whether manual or IT-enabled, in the event of business disruption.
It requires that policies and procedures specific for BCM are developed, tested, and used to ensure and includes the Business Impact Assessment (BI assessment), the Risk Assessment (BCM RA), the Business Continuity Plan (BCP), the Emergency/Crisis Management (Crisis reporting) and the Disaster Recovery Plan (IT DRP).
Every organization should identify, evaluate and understand the internal and external causes, risks and impacts relevant for the Business Continuity when establishing, implementing, maintaining and improving the BCM.
BCM responsibility covers also outsourced products and services and third-party suppliers which should ensure the agreed service levels for delivery are fulfilled.
The BCM Business Impact Assessment performed in this module allows users to assign a criticality level for their respective processes, along with the related recovery time objective and recovery point in order to define the most appropriate measures. As part of the Business Continuity Management cycle, the Business Impact Assessment are providing Process Owners with exhaustive set of information to ensure continuity of their operations.
The BCM BI assessment module is designed to host basic information and could be further refined as part of a customization requested by clients.
The purpose is to document the recovery information that could be used to perform an IT DRP testing.
The System BIA module also includes a definition of criticality per system or application and a “light” cyber threat applicability testing (incl. likelihood and severity) to be stored per system.