News

Consultation on review of ISO Business Continuity Standards | Urgent

URGENT | Review of ISO 22301:2012 and ISO 22313:2012 – have your say!

 

For standards to remain relevant and keep up with the needs of industry, they need to be reviewed and updated on a regular basis. After five years, the time has come for the International Standards for business continuity management to be put under the spotlight to examine whether any revisions or amendments are required.

As part of this process we are seeking views from the community of standards users, from auditors and those who are certified to those who align to the standards. This is your chance to help ensure that both the standard specification for ISO 22301 and the guidance available in ISO 22313 are delivering what is needed for stakeholders.

Please click on this link https://www.surveymonkey.co.uk/r/ISO-22301-17 and take the short survey to assist us with understanding the appetite for amendments and revision. The survey should take less than 10 minutes and will close on the 29th August 2017.

 


Revision of ISO 31000 Risk Management Guidelines - Draft available

 
ISO 31000, the international standard for Risk Management - ‘Risk Management – Principles and Guidelines’ - is now available for public consultation.
 
The decision to review ISO 31000 was taken in Chicago in 2013 and now, 4 years later, a draft version of the proposed updates to the ISO 31000 document is available for users to see.
 
The next steps will be a review of the comments submitted that will modify the text further and then a ballot by ISO members to move to the final publication.  The next ISO meeting is being held in San Francisco in July 2017 and this suggests publication of the revised risk management standard perhaps early in 2018. 
 
The draft of the standard for review and comment is now available on the BSI Draft Review system at https://standardsdevelopment.bsigroup.com/projects/76477a8f8de94a1e1d5c675e02973077. [registration required - Closing date for comments 11th April 2017] 
 
 

Major new British Standard for Cyber Risk and Resilience [Consultation]

A major new British Standard [BS 31111] is in development to help senior executives and risk managers improve their cyber risk management and build the cyber resilience of their organizations.

Over the past year, the BSI Risk Management Committee has been working on developing new guidance that aims to help top executives better understand and manage the technology risks to their organizations.  

New Survey Report on Emergency Mass Notification Systems from MIR3

MIR3 recently funded a survey on EMNS (emergency mass notification systems) with DR GUIDE and made some interesting discoveries.
 
 
Many of the survey’s 700-plus respondents agreed that mass notification has become a critical business tool, and although advanced features are great, usability and reliability are even more important. 
 
To dig deeper, you can download the full report with commentary on the findings and lots of colorful charts and graphs. 
 
MIR3 Survey report on Mass Notification systems use 2016
 

Organizational Resilience Standard now available | ISO 22316

The International Standards Organisation has issued the Draft for Public Comment (DPC) for its new standard covering Organizational Resilience - Principles and Guidelines | ISO 22316.

Submissions are CLOSED. ISO 22316 is now available from the BSI Shop (click here)

This International Standard provides guidance to enhance organizational resilience for any size or type of public or private organization and is not specific to any industry or sector. It can be applied throughout the life of an organization.

Guidance from Police for a Firearms and Weapons Attack

What to do in the event of a terrorist Firearms & Weapons attack

The National Police Chiefs’ Council have launched advice on what the public should do in the event of a terrorist attack. Attacks in the UK and abroad remind us all of the terrorist threat we face, which in the UK is considered as ‘severe’, meaning an attack is highly likely. 

Police and security agencies are working tirelessly to protect the public but it is also important that communities remain vigilant and aware of how to protect themselves if the need arises.

Recognising threat - the importance of pre-incident surveillance

The attacks in Paris on 13th November and London on 7/7 show the planning and preparation undertaken by terrorists and other groups in gathering information to assist with target selection and operational planning. Any thought that these events occur by chance or on a whim should be banished.

Internet of Things | What does it mean?

 
Internet of Things – What does it mean and how to embrace it?   
 
Sentronex Article | Internet of Things | Continuity Forum Partner
At this year’s Consumer Electronics Show in Las Vegas, IoT, or the ‘Internet of Things’, was the trending buzzword. Samsung CEO BK Yoon even went so far as to boldly state that in five years all Samsung hardware devices will be IoT ready, with televisions connected by 2017.
 
On top of this, Gartner predicts that by 2020 a staggering 26 billion objects will be IoT connected; in other words, IP-enabled, interactive, and ‘smart’. In fact, this growing global market could hit a worth of $7.1 trillion by that date.  
 

Cyber Security for Purchasing Professionals

Cyber Risk Management for Purchasing and supply
 
A new initiative to help build cyber security has been launched that focuses on the important role played by procurement and purchasing teams.
 
While schemes such as Cyber Essentials provide help with technical issues, the new government-backed scheme provides free-of-charge training for procurement professionals. The online course helps build understanding of the most common risks faced and how they can be addressed.
 

Global Assessment Report 2015 - Manage the Risks, not just the disaster

UN GAR report Disaster Risk Reduction project and risk management
 
Governments and organizations need to better understand and actively manage risks rather than just responding to disasters as they happen.
 
That's the conclusion of the United Nations Global Assessment Report 2015, which aims to set the future direction for Disaster Risks around the world.
 
The Global Assessment Report on Disaster Risk Reduction (GAR) is a biennial global assessment of disaster risk reduction and a comprehensive review and analysis of the natural hazards that are affecting humanity.
 

What about Resilience?

Risk, Business Continuity and Resilience - are we getting the landscape right?
 
Business Continuity, Resilience and the Rhino's ear
 
Imagine trying to describe or just outline what a Rhinoceros looks like to someone when you have only seen a small part of the whole animal yourself, perhaps just a foot or an ear.
 
Three-toed camel or a resilient Rhino? When you haven't seen the whole thing it makes it awkward at best, perhaps even impossible. It's certainly rather tricky, eh? You could end up with a Donkey, a three-toed Camel or indeed a host of bizarre critters. To describe a Rhino properly you have got to step back and get the whole picture. (We know this is usually done with elephants, but we prefer a rhino for this analogy... it's an ear thing!)
 
We’re using this example to illustrate one of the most interesting topics emerging across the Risk and Business Continuity Sectors  - Organizational Resilience! 
A lot of people are talking about it and the discussion underway is really interesting. 
 

The Ups and Downs of BC Management

 
Ups and downs of BC article by Ann Pickren, MIR3 COO.

You’d think that with the right intentions and a careful, attentive execution, your business continuity plan would be a success, wouldn’t you?
 
Unfortunately, that’s not always the case. Often the smartest professionals prepare a perfect program, but for unforeseen reasons the outcome is less than ideal.
 
What went wrong?
 

Recognising the Terrorist threat

There is a serious and sustained threat from both international and Irish-related terrorism to the UK and UK interests overseas.

1. Threat levels

You can check the current threat levels:

The most significant terrorist threat comes from al-Qa’ida and associated networks. As the coordinated attacks on London in July 2005 showed, attacks may be mounted without warning.

Cyber Risk - an animated short introducing cyber risk and the essentials programme

An Introduction to Cyber Risk and the Cyber Essentials Scheme - Video

This is a short 5-minute video that rather light-heartedly provides a basic introduction to Cyber Risk. It isn't technical and aims to help build awareness of how Cyber Risk has evolved, and it introduces the UK Cyber Essentials Scheme.

 



If you would like to know more about our work covering Cyber Risk then get in touch.

You can also find out more about the special Cyber Risk and Insurance Forum by clicking on the link in the menu bar. 

 


Government provides e-learning for SMEs on Cyber and Information Security Risk

Government boosts support for SME business with free Information Assurance e-learning course.

The course has been developed from government's own initiative on information security and the management of related risks across the public sector, where over 200,000 people in local and central government have completed the modular course.
