BS25999 BS25999 Part 2 - Specification Implement and Operate BCMS [DO] | Implement and Operate BCMS [DO] |
|
|
|
|
Get out there and put those plans into action. Understand the OrganisationThis section essentially formalises what is in Part 1; that is carry out a BIA in a structured and documented manner recording the results. Using a documented risk assessment process the organisation shall analyse the threats it faces and vulnerabilities to those threats, these being measured against its critical activities and resources. The, decide how the organisation is going to address those risks. One of the key elements of this section is that the risk assessment process must be documented so again organisations can simply document how they do it or just use a recognised method and refer to that in their BCMS. Once the organisation is understood in terms of impacts, risks and likelihoods a reasonable strategy can be decided upon.
Develop and Implement a BCM ResponseOnce a strategy has been decided upon, implement it. This also includes the incident response structure. Exercising and Maintaining BCM ArrangementsWhen the BCM response has been implemented it has to be tested with an exercise programme that is appropriate for the organisation.
|
Subscribe to this comment's feed
| < Prev | Next > |
|---|
