scope:

The Business Continuity (BC) Guideline has applicability in both the private and public sector environments. The BC Guideline is a series of interrelated processes and activities that will assist in creating, testing, and maintaining an organization-wide plan for use in the event of a crisis that threatens the viability and continuity of the organization.

SUMMARY

The BC Guideline is a tool to allow organizations to consider the factors and steps necessary to prepare for a crisis (disaster or emergency) so that it can manage and survive the crisis and take all appropriate actions to help ensure the organization's continued viability. The advisory portion of the guideline is divided into two parts: (1) the planning process and (2) successful implementation and maintenance. Part One provides step-bystep Business Continuity Plan preparation and activation guidance, including readiness, prevention, response, and recovery/resumption. Part Two details those tasks required for the Business Continuity Plan to be maintained as a living document, changing and growing with the organization and remaining relevant and executable. Appendix A offers the ASIS Business Continuity Guideline Checklist.

PURPOSE

Recent world events have challenged us to prepare to manage previously unthinkable situations that may threaten an organization's future. This new challenge goes beyond the mere emergency response plan or disaster management activities that we previously employed. Organizations now must engage in a comprehensive process best described generically as Business Continuity. It is no longer enough to draft a response plan that anticipates naturally, accidentally, or intentionally caused disaster or emergency scenarios. Today's threats require the creation of an on-going, interactive process that serves to assure the continuation of an organization's core activities before, during, and most importantly, after a major crisis event.

In the simplest of terms, it is good business for a company to secure its assets. CEOs and shareholders must be prepared to budget for and secure the necessary resources to make this happen. It is necessary that an appropriate administrative structure be put in place to effectively deal with crisis management. This will ensure that all concerned understand who makes decisions, how the decisions are implemented, and what the roles and responsibilities of participants are. Personnel used for crisis management should be assigned to perform these roles as part of their normal duties and not be expected to perform them on a voluntary basis. Regardless of the organization-for profit, not for profit, faith-based, non-governmental-its leadership has a duty to stakeholders to plan for its survival. The vast majority of the national critical infrastructure is owned and operated by private sector organizations, and it is largely for these organizations that this guideline is intended. ASIS, the world's largest organization of security professionals, recognizes these facts and believes the BC Guideline offers the reader a user-friendly method to enhance infrastructure protection.