Business continuity management (BCM) is a subset of business resiliency, which is primarily concerned with the prevention and protection of information systems and assets. The primary objective of BCM is to ensure the continuous availability of products and services to customers, regardless of the situation or event.
BCM consists of several different processes:
• Risk assessment – Involves identifying and evaluating potential risks to the organization’s operations.
• Business impact analysis (BIA) – Involves analyzing how different risks would affect the organization’s operations and resources.
• Developing a business continuity plan (BCP) – Involves planning and creating a detailed process to respond to any disruption or emergency.
• Testing and maintenance – Involves regularly testing the BCP, and making any necessary changes or modifications.
• Business recovery – Involves initiating and executing the business continuity plan, when faced with an emergency.
• Disaster recovery – Involves restoring core business functions and critical activities in the face of an unexpected disruption.
BCM covers both physical and technological aspects of the business, and is generally done on an annual basis to keep abreast of changing risk factors. It is also important to recognize that business continuity management is not a static process, but one that requires regular monitoring and updating to ensure effectiveness.