Whenever the definition of Business Continuity Management or BCM is discussed in any seminar or workshop, professionals seemed to aligned this terms to “Enterprise Risk Management,” “Risk Management,” “Crisis Management,” “Contingency Planning'” etc. This is followed by an argument about the similarity and which term should be used. before we adjourned further, it is important to start the discussion with beginning with the definition of what is exactly the meaning of BCM? (Refer to definition append in the next paragraph.)
I often start the explanation of BCM as an holistic approach to identifying threats and risks to an organization. This is followed by the identification of the risk and threats and its respective response, recovery, resumption and restoration procedures or plans to avoid, prevent, mitigate, reduce and transfer the risk. Each threat is then assigned to a specific team of professionals to implement the appropriate actions to be taken.
Definition of Business Continuity Management
As defined in the BCMPedia.org, the term Business Continuity Management or BCM is implied as an organization-wide discipline and a complete set of processes that identifies potential impacts which threaten an organization. It provides a capability for an effective response that safeguards the interests of its major stakeholders and reputation.
Overview of Business Continuity Management
Elaboration of Description of Business Continuity Management
- Business Continuity Management: This is the umbrella of all the response, resumption, recovery and restoration plans for the respective threats.
- Planning Methodology: In an organization, it is recommended that all the plans should adhere to one common methodology. The detailed breakdown of each phase can be found on the blog: BCM Concepts: BCM Planning Methodology.
- Type of Disruption: The effects of threats that typically disrupt IT systems, continuity of businesses, supply chain, security to facility and infrastructure, management and organization reputation. This list is not comprehensive and it can be extended based on industry requirement.
- Plan: At the end of each implementation, there is always a set of procedures or plans that is developed. These includes: IT Disaster Recovery plan, Business Continuity plan, Supply Chain BC plan, Security Management plan and Crisis Management plan.
I have presented a brief explanation on the overview of business continuity management. It is important to discussed the principles and purpose of developing these holistic approach and the challenges that its poses to many organization during its implementation. This will be further discussed in part 2.