The latest Standard to be released, titled “AS/NZ5050 - Business Continuity Managing disruption-related risk”, comes from Standards Australia. It arrives just a few months before the long-awaited US BCM Standard, which is in its final stages, is being jointly developed by the BSI and ASIS, and will likely appear as an ANSI Standard in just a few months.
In an interesting departure from established convention, the Australia/New Zealand Standard takes a different slant on key aspects of the process and connects far more with risk management principles than others. The Standard itself declares that “the approach (taken) to managing disruption-related risk described in the Standard is through application of AS/NZS ISO 31000:2009, Risk management—Principles and guidelines.”
American Standard Body to produce US Standard for Business Continuity
ASIS Online, based in Virginia, has now started the work to develop its American National Standards Institute (ANSI) project to produce a Business Continuity Management (BCM) standard, for approval by ANSI.
Close links have been developed over the past 6 months between the BSI, the BCM/1 committee and ASIS in order to share experience and help to build consistency between the key elements of BS25999 and the proposed ANSI standard.
In a recent interesting piece, Dr Eric Schmidt of TDS Inc. explores some of the background of Sarbanes-Oxley and looks at the implications it has for the Organisations affected, and specifically the impact on Business Continuity Practitioners. He argues persuasively that regulatory initiatives and world events are driving the convergence of business continuity, security and information management under the umbrella of enterprise risk management, sometimes referred to as global assurance.
This update provides basic guidance for banks and sets out banking supervisors’ views on compliance in banking organisations.
Using a framework of principles, the latest update illustrates how compliance with the laws, rules and standards that govern banking activities helps to maintain a bank’s reputation with its shareholders, customers, employees and the markets. At the same time, the paper incorporates sound practice guidance to assist banks in designing, implementing and operating an effective compliance function. To optimise its usefulness to all banks, they stress that a single framework of principles for effective compliance risk management does not restrict individual banks to a single organisational or operational approach. However, each bank must be prepared to demonstrate that the approach adopted is effective in dealing with the bank’s unique compliance risk challenges.