BS 25999 Business Continuity Management - PowerPoint

Presentation to Russian Delegation on ISO 27001 and BS 25999
by John Hele, Global Product Manager, BSI Management Systems

ISO/IEC 27001:2005

Definition
3.4 information security
  preservation of confidentiality, integrity and availability of information;
  in addition, other properties such as authenticity, accountability,
  non-repudiation and reliability can also be involved

Scope and Boundaries

• The international standard now requires
  organizations to define the scope and boundaries of
  the ISMS [4.2.1 a], which is now to include details
  of, and justification for, any exclusion from the
  scope.

PDCA Model for an ISMS
[Figure: PDCA model. Labels: Interested Parties / Information security requirements and expectations; Interested Parties / Managed Information Security]

BS25999:2007

What is Business Continuity Management?
2.4 business continuity management (BCM)
  holistic management process that identifies potential threats to an organization
  and the impacts to business operations that those threats, if realized, might
  cause, and which provides a framework for building organizational resilience
  with the capability for an effective response that safeguards the interests of its
  key stakeholders, reputation, brand and value-creating activities
NOTE Business continuity management involves managing the recovery or continuation of
  business activities in the event of a business disruption, and management of the overall
  programme through training, exercises and reviews, to ensure the business continuity
  plan(s) stays current and up-to-date.




Source: BS 25999-2
Scope of the BCMS
• You must determine:
      Your key ‘products and services’
      The ‘critical activities’ associated with those products and
       services.
• You must also take into consideration:
      Organizational objectives and obligations
      The levels of risk you are prepared to accept.
      Interest of stakeholders
      Statutory, regulatory and contractual requirements
BCM Model

Benefits of BS 25999
• Helps protect and enhance your reputation and
  brand
• Opens new markets and helps you win new
  business
• Enables a clearer understanding of how your entire
  organization works which can identify opportunities
  for improvement
• Demonstrates that applicable laws and regulations
  are being observed
• Creates an opportunity to reduce the burden of
  internal and external BCM audits and may reduce
  business interruption insurance premiums
End of Presentation

						