Introduction Does it really matter? Corporate governance and CSR DR, BC, BCP or BCM? Chapter 1: The Operational Risk Landscape for Business and Other Organisations Weather Energy Operational risk management The risk management process Chapter 2: What Does BCM Actually Achieve? Tangible benefits Chapter 3: An Incredibly Short History: Early DR to 2011 BCM Continuity and resilience Chapter 4: The Role of Standards and Independent Validation Business continuity standards Other standards Compliance Supply chain Corporate governance Chapter 5: The Management System Approach versus a Simple BC Plan Chapter 6: Planning the BCMS What is a BCMS? Chapter 7: Identifying the Organisation's Requirements Risk assessment Business impact analysis Chapter 8: Strategy and Options Contingencies Physical infrastructure Information People Seasonality Incident level Output Chapter 9: Incident and Crisis Response Incidents, crises and disasters The response organisation The response team Competencies Response plans Communications Full recovery Insurance Chapter 10: The Assurance Process Exercise programme Maintenance programme Audit programme Management review programme Continual improvement Summary Chapter 11: BCM as a Competitiveness/Assurance Tool The insurance argument Cost-effectiveness Peace of mind Chapter 12: Tools and Software The BC software market What to look for in BC software Chapter 13: The New World of Sustainability BIA Business as usual Incident response Chapter 14: How to Do It Visible programme Awareness Certification Summary Appendix 1: Acronyms Appendix 2: Business Continuity Policy Policy statement Appendix 3: A Simple Risk Register Appendix 4: Incident Response Plan Use of this plan The crisis management team (CMT) Recovery time objectives Response and recovery activities Ending the business continuity phase Appendix 5: Scenario Plan Appendix 6: Activity Recovery Plan Appendix 7: Document Review and Control Procedure General Version control Retrieval and distribution Appendix 8: Corrective and Preventive Actions Form Appendix 9: Exercise Methodology/Procedure Desktop exercise Full exercise IT DR exercise Continuous improvement Reporting requirements Exercise programme Appendix 10: BCM Software Vendors Appendix 11: Suggested Software Enquiry Form Appendix 12: BCM Audit Programme and Procedure Appendix 13: IT Disaster Recovery Plan/Procedure Recovery time objectives ITG Resources
Tony Drewitt held a number of technical, commercial and senior management positions before becoming a full-time management consultant 10 years ago. He was one of the first consultants in the UK to achieve full certification under BS25999-2. Tony has been a practising business continuity consultant, trainer and technical expert since 2001 and is a professional member of the Business Continuity Institute.