News

EON achieves Business Continuity BS25999 certification again

 
Last year Continuity Forum reported on E.ON UK’s accomplishment in achieving BS25999-2 certification across its Business services, with no non-conformities found
 
Recently, following a Continuing Assessment surveillance visit by BSI auditors, E.ON UK has been successful in maintaining its Business Continuity certification - again with no non-conformities found. 
 

London Cyber Conference ends, but what next?

 
Business Continuity Forum opinion
London Cyber Conference
2011 
 
 
Over two days the London Cyber Conference 2011 delivered a truly international focal point to examine how our digital world is developing and share what needs to be done to keep the benefits, but remove some of the risks.  
 
With over 700 people from 60 countries there really was a global presence and the issues discussed in the plenary and private sessions clearly communicated the breadth of the challenges being faced in cyberspace.
 

Foreign Secretary William Hague addresses the London Conference on Cyberspace

 
Delegates from around the world gathered in London to debate Cyberspace and its role in the modern world.  The benefits of the 'Net' has helped drive an estimated 21% growth in the economies of countries over the past decade and the newest start-up can now be global at the click of a button.
 
Internet Communications has been revolutionised around the world and has contributed to the developed of vast social networks that cross borders, cultures and interests.  There are now over two billion regular users of the Internet and this is continuing to grow and become ever more mobile as smart devices continue evolve placing the digital world in our hands wherever we are. 
 
With all the opportunities the Net has been a powerful part of the development of communities and business, but there is a darker side.
 

Understanding Cyber attack - a short film

This short video from the BBC looks at the threat of cyber attack and how measures need to be more widely developed to address the threats.

The London Cyberspace Conference

 
International leaders from government and business are meeting in London to discuss cyberspace and how to manage its risks. The UK Foreign Secretary, William Hague, will welcomes participants form around the world including US Secretary of State Hillary Clinton, Swedish Foreign Minister Carl Bildt, and Jimmy Wales, the founder of Wikipedia.
 
Criminals are exploiting the growth of cyberspace. They are using it to extort money, steal identities, ideas and designs, defraud government departments and businesses, as well as exploit the most vulnerable in our societies, particularly children. The annual cost of cyber crime to the global economy could be as much as $1 trillion.

BSI launch new Crisis Management Standard with the Cabinet Office

 

BSI Crisis Management. Guidance and Good PracticeThe Cabinet Office and the British Standards Institution are today launching a new crisis management standard to help businesses cope with unexpected emergencies like civil unrest, employee deaths, corporate espionage or natural disaster.

The standard – known technically as PAS 200 – advises organisations on the kind of capabilities they need to develop and maintain in order to detect, prepare and respond to a crisis.  

Phase 2 Consultation of Civil Contingencies Act

After two years the revision of the Civil Contingencies Act (CCA) through the Enhancement Programme (EP) is nearing completion with the final consultations closing on 27th September 2011.  
 
The Enhancement Programme to the Civil Contingencies Act covers most areas of the legislation and has been split into phases. The phase has delivered updates centred primarily on Emergency Response and Recovery across the country and builds on the lessons learnt since the introduction of the Act. Clarification and updates have also been made on Good Practice Guidance, Mutual Aid and the fit with other legislation. (Summary of Phase One work)   
 
The work continues with consultation on the changes proposed in the following areas: 
 
Co-operation
Local Responder Risk Assessment Duty
Business Continuity Management
Communicating with the Public
Business Continuity Advice and Assistance to Business and the Voluntary Sector);
Arrangements for London
 
If you have yet to review these changes to the Act time is running out. You can use the links below to see and comment on the changes proposed.  
 
The Continuity Forum welcomes the revision process, particularly the aligning of Business Continuity arrangements with the British Standard BS25999 that we feel the revisions significantly clarify the expectations of the Act within all Category One and Two Responders. Another Major plus for the revised Act are the expectations relating to communications which we feel is a major step forward, providing greater clarity and removing much of the ambiguity that previously existed. It is clear to us that the CCA team has worked hard to a balanced review that provides flexibility in delivering appropriate solutions and processes, whilst maintaining clear direction on the expectations of the Act.    
 
The alignment with BS25999 is of particular importance to the sector and our communities as the Civil Contingencies Act preceded the launch of the Standard. Whilst many of those within the sector had aligned with BS25999 principles the now revisions make this expectation far clearer. We would hope that those planing in Category One and Two organisations will quickly move to assess and adapt their planning to meet this expectation, in particular the aspects that address their supply chain. Many BCM professionals working within organisations covered by the CCA have found this area to be a difficult area to address with management and has led to numerous avoidable problems.     
 
One area that we feel may need to be strengthened is the verification and audit of of the Business Continuity arrangements in place. Whilst we accept that some aspects of the BCM capabilities within Category One organisations may need a degree of adaption (and indeed BS25999 allows for this) this should not undermine the intent of either the Act or BS25999. Consequently, we would to see a condition added to justify variance from the standard.  This would not undermine the flexibility of either the Act or standard, but would result in evidence for the need to vary from accepted Good Practice to be justified more clearly. We also feel that a little more focus should be given to the audit and assessment of the plans developed and deployed as could be argued as fundamental to delivery of value from the investment being made. 
 
With regards to Category Two responders, we feel that the regulators for these sectors need to pay far more attention to the Business Continuity arrangements developed by the companies they are responsible for regulating and should demand similar levels of detail and regular updates. The Continuity Forum is working in this area and we are hoping to meet with the primary regulators shortly to discuss this issue further.        
 
Links to more information is shown below: (Opens in new window)
 
In a change to previous consultations, those wishing to comment are asked to submit their comments, via a dedicated on-line survey. The link is HERE!
   
If preferred, paper based comments will be accepted and a template can be requested from ccact@cabinet-office.x.gsi.gov.uk
 
Final versions of the revised Act are expected to be complete in early Spring 2012. 
 
If you have any questions or would like to discuss the Civil Contingencies Act in more detail please do get in touch.
 

 

 

Getting Started Events Continuity Forum

 
Getting Started with Business Continuity - Events
Getting started with Business Continuity, Risk and Resilience
 
The Continuity Forum has built a special series of education events designed to get your planning off to the right start and help you and your colleagues develop the right skills as your planning develops and matures.
 
Our approach is to break down the whole Business Continuity Management Cycle into manageable chunks that help ensure the lessons learned can be applied between sessions.
 

ICM shares data on the causes of BCM plan invocation

ICM Business Continuity has released figures showing the causes of customer invocations from January through to June 2011. 
 
Out of 58 events 42 where related to hardware with 15 attributed to other causes including seven down to power issues and two instances each of Flooding, Fire and Data Corruption. There was even one denial of Access event.
 

Updated Counter Terrorism Strategy announced

The government has completed its review of the CONTEST Strategy designed to fight the threat of terrorism across the UK and the international interests of the country.

The changes have been made to continue to reflect risks posed by terrorists. The four strands of the approach cover:

Pursue: to stop terrorist attacks

Prevent: to stop people from becoming terrorists or supporting terrorism

Protect: to strengthen our protection against terrorist attack

Prepare: where an attack cannot be stopped, to mitigate its impact

Business Continuity Awards - 2011

 
The CIR Business Continuity awards dinner was held last night at the Hilton Park Lane Hotel. 
 
The winners were:
 

VSAT launched in the South West

 
The Continuity Forum was delighted to once again be working with our colleagues at NaTSCO, Dorset Police and the Counter Terrorism Intelligence unit at this weeks South West Regional launch of the Vulnerability Self Assessment Toolkit (VSAT). The launch was held for around 100 people and included many of the areas leading employers. 
 

MIR3 advises checking Preparedness & DR Plans ahead of Hurricane Season

 
Hurricane season approaches, MIR3 checklist helps Business Continuity Planners prepareWith the 2011 hurricane season set to officially begin June 1, MIR3, the innovator of real-time Intelligent Notification™ and response technology, is urging employers to review their current business continuity and disaster recovery (BC/DR) plans to keep employees safe and operations running should a hurricane or tropical storm hit.
 
 
According to the Colorado State University forecast team, the 2011 hurricane season is anticipated to be an above average season, with 16 named tropical storms and nine hurricanes likely to form in the Atlantic basin, with five expected to develop into major hurricanes of Category 3 or higher. Employers with staff along the eastern and Gulf coasts of the Atlantic must prepare for risks associated with these storms that can negatively impact business operations including mass power outages, property damage and potential harm to employees.
 

BCM and the Cloud lessons from experience

 
A relatively simple and entirely repeatable human error led to the failure of one of the most respected and reliable Cloud Computing providers, Amazon.
 
Despite having Business Continuity Plans, the resulting collapse left 1,000's of customers and millions of users unable to access a wide variety of Websites causing millions to be lost.
 
Some forecasters are already saying that the EC2 failure will slow the growth of Cloud Computing, with companies concentrating rather more on private Cloud options, rather commit to Public Clouds.   
 

Commons Transport Select Committee reports on winter travel chaos

 
Snow causes massive disruption across the UK The Commons Transport Select Committee has issued its report on last year's snow chaos that shut Heathrow airport and disabled significant parts of the rail network.
 
Many roads including motorways were badly affected and it is reported that £280 million was lost to the UK economy each day.
 
Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...