• Home /
• Useful Business Continuity Management resources

Useful Business Continuity Management resources

You'll find BCM Tools, book reviews, FAQs on BS 25999, webinars, white papers and other free downloads in this section of the website. For more information on Business Continuity Management, the following publications are available to buy online here: Standards, Publicly Available Specifications, Books and DVDs.

Standards

Put at its simplest, a standard is an agreed, repeatable way of doing something. It is a published document that contains a technical specification or other precise criteria designed to be used consistently as a rule, guideline, or definition. Read What is a standard? for more information.

BS 10012:2009 Data protection. Specification for a personal information management system

The British Standard, BS10012 Data protection. Specification for a personal information management system has been developed to establish best practice and aid compliance with data protection legislation. It is the first standard for the management of personal information.

BS 25777:2008 Information and communications technology continuity management. Code of practice

In most organisations, the processes that deliver products and services depend on information and communication technology (ICT). Disruption to ICT can therefore be a huge risk and can damage your organisation's ability to operate and undermine its reputation. The consequences of a disruptive incident vary and can be far-reaching, and might not be immediately obvious at the time. BS 25777 will help your organisation plan and implement an ICT continuity strategy.

BS 25999-1:2006 Business Continuity Management. Code of Practice

BS 25999-1 is a code of practice that takes the form of guidance and recommendations. BS 25999-1 establishes the process, principles and terminology of business continuity management (BCM), providing a basis for understanding, developing and implementing business continuity within an organisation and to provide confidence in business-to-business and business-to-customer dealings.

   Also available as a laminated pocketbook

BS 25999-1 Business Continuity Self-assessment Online

BS 25999-1 Business Continuity Self-assessment Online is a web-based tool that contains 191 questions. This set of pertinent questions follows BS 25999-1, so that you know that you are assessing your organization’s performance against this recognized standard, giving you confidence in your BCM policies and procedures.

BS 25999-1:2006 (German) Business continuity management. Code of practice

German translation of BS 25999-1:2006

BS 25999-1:2006 (Spanish) Business continuity management. Code of practice

Spanish translation of BS 25999-1:2006 (Paperback)

BS 25999-2:2007 Business Continuity Management. Specification

BS 25999-2 specifies requirements for establishing, implementing, operating, monitoring, reviewing, exercising, maintaining and improving a documented Business Continuity Management System (BCMS) within the context of managing an organisation’s overall business risks.

   Also available as a laminated pocketbook

BS 25999-2 Business Continuity Self-assessment Online

BSI BS 25999-2 Business Continuity Self-assessment online toolkit has been designed specifically to make it easy to work across multiple sites and with multiple users, though you can just as easily use it as a standalone application.

BS 31100:2008 Risk management. Code of practice

BS 31100 is a key standard for risk management. It gives you an understanding on how to develop, implement and maintain effective risk management within your business. Using BS 31100 effectively can help you increase your company's effectiveness.

BS ISO/IEC 27001:2005 Information technology. Security techniques. Information security management systems. Requirements

BS ISO/IEC 27001:2005 covers all types of organisations (e.g. commercial enterprises, government agencies, non-profit organisations) and specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system (ISMS) within the context of the organisation’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organisations.

Publicly Available Specifications

A Publicly Available Specification (PAS) is a standard developed by BSI British Standards commissioned by an external organization. Such external bodies have included, UK Government, trade associations and private companies.

PAS 77:2006 IT Service Continuity Management. Code of Practice

An effective IT service continuity management (ITSCM) system safeguards the performance of IT services both before and after an incident. By investigating, developing and implementing preventative and recovery options beforehand, an organisation can minimize and manage an interruption to service that threatens the continuity of the business.

PAS 79:2007 Fire risk assessment. Guidance and a recommended methodology

PAS 79:2007 Fire risk assessment. Guidance and a recommended methodology is a comprehensive Publicly Available Specification (PAS) that gives a nine-step structured approach and corresponding documentation for conducting and recording significant findings of fire risk assessments in buildings across three legislative regimes, namely that in England and Wales, that in Scotland and the unchanged legislation in Northern Ireland (which will not change until, at least, later this year).

Books

A Risk management approach to business continuity. Aligning business continuity with corporate governance

This book looks at the concepts of risk management and business continuity management from a holistic approach, and encourages organisations to go deeper when developing business continuity plans to see it as an opportunity for growth, not just a survival plan. It will be a useful tool for risk managers and continuity managers, and of broader interest to all senior management.

Auditing Business Continuity Management Plans

This is an essential guide for those seeking to implement BS 25999, the BCM standard. It will help ease the introduction of BCM using BS 25999 by providing instructions on using internal audits to ensure that the implementation is undertaken in a controlled and managed way. The book also introduces the role of the external assessors and explains how internal audits can be used to prepare the way for these external assessments as well as making them quicker and easier to undertake, therefore potentially reducing costs and business impact.

Disaster and Emergency Management Systems

This book is the guide to the key benchmark standard for implementing a business continuity management (BCM) system. It provides a strategic overview of the key steps that organisations should take to ensure that the risks of catastrophic failure are proactively minimized. It is written as a guide for anyone responsible for disaster and emergency management, with advice on how to design a disaster and emergency management system for any organisation, including hospitals, the police force and airline companies.

Exercising for Excellence: Delivering a Successful Business Continuity Management Exercise

This "how-to" book provides a straightforward and practical guide for anyone with responsibility for the planning and delivery of business continuity management (BCM) exercises. The book is an insider’s guide to conducting successful business continuity exercises. It will enable you to test and evaluate the effectiveness of your current incident management capability and business recovery plans.

Managing Risk and Resilience in the Supply Chain

This practical book explores the co-dependence of suppliers and receivers and looks at the difficult task of managing risk between these parties.

The Risk Management Universe: a guided tour

This book brings together leading experts from various risk, management fields to share key insights into what makes their part of the risk management universe unique. Each contributor describes current best practice in their area of expertise, as well as outlining areas for future development.

The Route Map to Business Continuity Management. Meeting the Requirements of BS 25999

This popular book, The Route Map to Business Continuity Management: Meeting the requirements of BS 25999 has been written to help those managers who have decided to introduce BCM into their organisation. It includes case studies and templates to assist with the various stages of the BCM process. It is based on the highly acclaimed British Standard for BCM, BS 25999, Parts 1 and 2 and on the plan-do-check-act model used by BS 25999-2 and other management systems, such as ISO 9001.

DVDs

Risk maker risk taker. A manager's guide to risk – DVD

This DVD shows managers throughout your organisation the steps to manage the risks in their environment. It gives them an insight into the cracks that can occur in the risk process, which could threaten the organisation’s ability to achieve its objectives, and in some cases its survival.