/ Home / Standards

Standards

Information and Advice on Standards

London Cyber Conference ends, but what next?

in
 
Business Continuity Forum opinion
London Cyber Conference
2011 
 
 
Over two days the London Cyber Conference 2011 delivered a truly international focal point to examine how our digital world is developing and share what needs to be done to keep the benefits, but remove some of the risks.  
 
With over 700 people from 60 countries there really was a global presence and the issues discussed in the plenary and private sessions clearly communicated the breadth of the challenges being faced in cyberspace.
 

BSI launch new Crisis Management Standard with the Cabinet Office

in

 

BSI Crisis Management. Guidance and Good PracticeThe Cabinet Office and the British Standards Institution are today launching a new crisis management standard to help businesses cope with unexpected emergencies like civil unrest, employee deaths, corporate espionage or natural disaster.

The standard – known technically as PAS 200 – advises organisations on the kind of capabilities they need to develop and maintain in order to detect, prepare and respond to a crisis.  

Phase 2 Consultation of Civil Contingencies Act

in
After two years the revision of the Civil Contingencies Act (CCA) through the Enhancement Programme (EP) is nearing completion with the final consultations closing on 27th September 2011.  
 
The Enhancement Programme to the Civil Contingencies Act covers most areas of the legislation and has been split into phases. The phase has delivered updates centred primarily on Emergency Response and Recovery across the country and builds on the lessons learnt since the introduction of the Act. Clarification and updates have also been made on Good Practice Guidance, Mutual Aid and the fit with other legislation. (Summary of Phase One work)   
 
The work continues with consultation on the changes proposed in the following areas: 
 
Co-operation
Local Responder Risk Assessment Duty
Business Continuity Management
Communicating with the Public
Business Continuity Advice and Assistance to Business and the Voluntary Sector);
Arrangements for London
 
If you have yet to review these changes to the Act time is running out. You can use the links below to see and comment on the changes proposed.  
 
The Continuity Forum welcomes the revision process, particularly the aligning of Business Continuity arrangements with the British Standard BS25999 that we feel the revisions significantly clarify the expectations of the Act within all Category One and Two Responders. Another Major plus for the revised Act are the expectations relating to communications which we feel is a major step forward, providing greater clarity and removing much of the ambiguity that previously existed. It is clear to us that the CCA team has worked hard to a balanced review that provides flexibility in delivering appropriate solutions and processes, whilst maintaining clear direction on the expectations of the Act.    
 
The alignment with BS25999 is of particular importance to the sector and our communities as the Civil Contingencies Act preceded the launch of the Standard. Whilst many of those within the sector had aligned with BS25999 principles the now revisions make this expectation far clearer. We would hope that those planing in Category One and Two organisations will quickly move to assess and adapt their planning to meet this expectation, in particular the aspects that address their supply chain. Many BCM professionals working within organisations covered by the CCA have found this area to be a difficult area to address with management and has led to numerous avoidable problems.     
 
One area that we feel may need to be strengthened is the verification and audit of of the Business Continuity arrangements in place. Whilst we accept that some aspects of the BCM capabilities within Category One organisations may need a degree of adaption (and indeed BS25999 allows for this) this should not undermine the intent of either the Act or BS25999. Consequently, we would to see a condition added to justify variance from the standard.  This would not undermine the flexibility of either the Act or standard, but would result in evidence for the need to vary from accepted Good Practice to be justified more clearly. We also feel that a little more focus should be given to the audit and assessment of the plans developed and deployed as could be argued as fundamental to delivery of value from the investment being made. 
 
With regards to Category Two responders, we feel that the regulators for these sectors need to pay far more attention to the Business Continuity arrangements developed by the companies they are responsible for regulating and should demand similar levels of detail and regular updates. The Continuity Forum is working in this area and we are hoping to meet with the primary regulators shortly to discuss this issue further.        
 
Links to more information is shown below: (Opens in new window)
 
In a change to previous consultations, those wishing to comment are asked to submit their comments, via a dedicated on-line survey. The link is HERE!
   
If preferred, paper based comments will be accepted and a template can be requested from ccact@cabinet-office.x.gsi.gov.uk
 
Final versions of the revised Act are expected to be complete in early Spring 2012. 
 
If you have any questions or would like to discuss the Civil Contingencies Act in more detail please do get in touch.
 

 

 

Business Continuity Lead Auditor Course Special Offer

in
 
We are pleased to be able to offer you access to the BSI's BS 25999 Lead Auditor at a massive saving of well over £1000!  
 
COURSE INFO:
 
The 5 day course will be run in central Manchester commencing on the following dates - 
 
6 June 2011 (2 places left @ £1000 + VAT)
18 July 2011 (£1100 + VAT)
 Refreshments and lunch included.  
 
The BSI advertised rate of circa £2300 per delegate however I can offer the course at significant discount rate per delegate (rate negotiable for multiple bookings). 
 
 

Business Continuity Standards

in
 
Business Continuity Standards PortalBusiness Continuity Standards NEws and Information
 
This is the information and news update portal of the Continuity Forum focused on Business Continuity and Resilience Management related Standards and related matters.
 
Through these pages we'll bring you the latest information on the developments in the world of Standards affecting Business Continuity, Resilience, Emergency Management, Security and Crisis Management.
 
Business Continuity Standards information, news and advice
A significant amount of our day to day work involves working within the various standards bodies committee structures on developing and maintaining Business Continuity and Resilience based standards in the UK and Internationally. We represent the views of users, consultants and service providers where we provide consistent support, contribution and continual development for the sector.  
 
Business Continuity and Resilience News and Information   
 
Click to buy any BSI or ISO Standard Our extensive knowledge of Business Continuity and Resilience standards and regulation covers public and private sector organisations of all sizes and types ... no matter what the question help is just a phone call away! 
 
More on our involvement with Standards
 
Our involvement in developing standards for Business Continuity started in 2000 when a wide group of organisations including BSI, Loss Prevention Council, ABI, BCI and representatives from government, as well as industry experts and leading companies met at Burnham Beeches Hotel in Buckinghamshire for the first special industry summit.
 
The Continuity Forum presented the findings and recommendations from a year long research programme looking at the emerging Business Continuity Sector and what was needed to provide a sound foundation for development and growth.
 
The results recommended that three key pillars were needed to be worked on ensure the development of the sector into a mature discipline.
 
Significantly, the pillars needed a solid foundation that provided, through industry consensus, definitions and a proper framework that properly described the whole disciple of Businsess Continuity.
 
In other words, Industry Standards.
 
Within a year or so of the Summit, regulation had started to appear across a number of industry areas and the work to started on creating, firstly a Publicly Available Specification (PAS56) and then BS 25999 from the BSI that went on to be the most successful management systems standard in their history. 
 
The Continuity Forum are members of the BCM/1, SSM/1 and RM/1 committees of the BSI and the BCM.01 group from ASIS that developed the BCM.01 Standard for Business Continuity for North America.  
 
Our work is ongoing with contributions in these areas continuing and being extended to the International Standards Organisation (ISO) on both Business Continuity and Organisational Resilience
 
If you have any questions or would like to discuss how Business Continuity or Resilience may benefit your organisation please do get in touch and we'll be please to advice you. 
 

 

 
 

HML renews BS 25999

in
 
Financial outsourcer HML has had its BS25999 Business Continuity Planning Certificate renewed for the second year in succession.
 
KPMG visited HML’s Skipton and Derry sites to assess the company’s Business Continuity Management System and related planning, preparation and governance.
 
Dave Edlin, HML’s Business Continuity Specialist explained why external accreditation is so important for organisations: “Gaining the BS25999 Certificate gives HML’s stakeholders peace of mind that should the unexpected occur, business will continue as close to normality as possible.
 

ISO announce new ICT security standard to improve Business Continuity resilience

in
ISO security standards and Business Continuity
 
 
The International Standards Organisation (ISO) has released a new set of international guidelines to help protect and ensure the security of information and communication technologies and boost Business Continuity capabilities.
 
ISO/IEC 27031:2011 is aimed at all organisations regardless of their type, size and complexity and it is hoped that through the adoption of the standard greater resilience against hacking, denial of service and malware attacks will be seen.
 

BS25999 achieved by Vocal

in

 

The British Standards Institute has awarded Vocal, best known for its iModus notification system,  full BS25999 accreditation – the British standard of business continuity management. The accreditation incorporates the entire organisation and including the iModus system. 
 

Maintaining continual improvement momentum in BCM

in
Does the phrase continual improvement turn you cold?
 
Do you feel under pressure to keep reinventing the Business Continuity Management System (BCMS) wheel?
 
What is continual improvement?
 
If you think that you have to find new ways to improve your Business Continuity system every day for the rest of your life, relax. Continual improvement is a state of mind as much as identifying tangible improvements.
 
Take a look at what is meant by the words continual and improvement. 
 

ISO22301 BCM Standard review period closes 28th February

in

 

BSI are asking for comments from stakeholders and professional on the  revised ISO standard 22301 Societal Security - Business Continuity Management Systems Requirements. ISO 22301 follows the main principles of BS25999 and BCM.01 and could potentially replace them over time, so you input is important. 

 

This revision has seen clarification, elaboration and alignment to the ISO 31000 Risk Management Standard. 

 

The draft version is issued to allow comments from interested parties; all comments will be given consideration prior to publication and is accessed through the BSI online Draft Review System. 

 

The review period closes on 28th February and please do contact us directly if you would like any further information on the process or the Standard

 

To access the system please click here 

 

 

 

 


 

Consultation for BS31000 Risk Management Code of Practice starts

in

 

BSI are publishing today the revised BS standard 31100 Risk Management Code of Practice as a Draft for Public comment. 

 

Your assistance in reviewing the Code of Practice and providing feedback would be much appreciated. 

ANSI approve ASIS/BSI BCM.01 standard

in
 

The American National Standards Institute (ANSI) has approved the ASIS/BSI BCM.01 2010 standard for Business Continuity Management. 

 

The full name for the standard is ANSI/ASIS/BSI BCM.01:2010, Business Continuity

Dr Marc Siegel

Management Systems - Requirements with Guidance for Use (Joint ASIS International and British Standards Institute (BSI) Standard) and whilst a mouthful it reflects the very close collaboration throughout the whole development process between ASIS and the BSI.  This approach led to a multi-national team being involved with committee formed responsible for the development being co-chaired by Dr Marc Siegel (US) and Kevin Brear (UK) and that also included Russell Price from the Continuity Forum.

 

BS25999 awarded to EC Group

in
EC Group has become the first promotional handling and fulfilment company to be awarded BS 25999 certification in Business Continuity Management from BSI. EC Group provides outsourced marketing services. 

BS25999 Certification for Altius Associates Limited

in
 
Altius Associates Limited (“Altius”) are the first financial services company in the world to achieve official accreditation to the Global Industry Standard for Business Continuity, BS25999. 
 

Fun video from BSI - everyone's a winner

in
Business Continuity Forum events news information
A fun video from the BSI showing that a crisis can come from the most unexpected and even impossibly unlikely sources.  This one's a 14million to one chance.
 
Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...