scope:

General

This International Standard specifies requirements for setting up and managing an effective Business Continuity Management System (BCMS).

A BCMS emphasizes the importance of

- understanding the organization's needs and the necessity for establishing business continuity management policy and objectives,

- implementing and operating controls and measures for managing an organization's overall capability to manage disruptive incidents,

- monitoring and reviewing the performance and effectiveness of the BCMS, and

- continual improvement based on objective measurement.

A BCMS, like any other management system, has the following key components:

a) a policy;

b) people with defined responsibilities;

c) management processes relating to

1) policy,

2) planning,

3) implementation and operation,

4) performance assessment,

5) management review, and

6) improvement;

d) documentation providing auditable evidence; and

e) any business continuity management processes relevant to the organization.

Business continuity contributes to a more resilient society. The wider community and the impact of the organization's environment on the organization and therefore other organizations may need to be involved in the recovery process.