BCM (otherwise known as Business Continuity Management) is a model for identifying an organisation's risk of exposure to internal and external threats.
The goal of BCM is to provide the organisation with the ability to respond to threats, such as natural disasters or breaches in data, and help ensure the business can maintain critical functions and continue their daily business operations to the best of their ability.
Business continuity management is a system that focuses on the importance of Business Continuity and readiness needs, as well as the necessity for establishing enterprise continuity, management policy and objectives
Implementing and operating controls and measures for managing an organisation's overall continuity risks
Monitoring and reviewing the performance and effectiveness of the business continuity management system
Continual improvement based on objective measurements
There are three core components of Business Continuity Management
1. Crisis Management Plan
The Crisis Management Plan provides the critical communication mechanics necessary to ensure employee safety, provide initial information and direction and organise ongoing actions.
2. Disaster Recovery Plan (IT)
The Disaster Recovery Plan typically refers to the plans in place to restore essential information technology (IT) systems and applications that enable critical business processes.
3. Business Resumption Plans
The business resumption plans are specific to each critical business function and articulate the concrete steps necessary to enable respective process (e.g.. payroll).
It's vital to have a reliable BCM system in place to be compliant as a business to both internal and external stakeholders. It is also critical when your enterprise is storing vital information on their customers.
Value Achieved in Business Continuity Management
This analyst report from GRC20/20 looks at the value one of Australia's largest banks received from implementing an agile business continuity management system.