• Home /
• Useful BCM resources

Useful Business Continuity Management resources

You'll find BCM Tools, book reviews, FAQs on BS 25999, webinars, white papers and other free downloads in this section of the website. For more information on Business Continuity Management, the following publications are available to buy online here: Standards, Publicly Available Specifications, Books and DVDs.

Standards

Put at its simplest, a standard is an agreed, repeatable way of doing something. It is a published document that contains a technical specification or other precise criteria designed to be used consistently as a rule, guideline, or definition. Read 'What is a standard?' for more information.

New BCM KIT

Business Continuity Management Best Practice Kit. Includes all BCM Standards and Books 

This kit will equip you with the knowledge and skills to effectively plan, prepare, deliver and report on exercises and tests to validate and improve your business continuity strategy.

It is intended to serve as a single reference point for identifying the range of controls needed for most situations where BCM is practiced in industry and commerce, and to be used by large, medium and small organizations in industrial, commercial, public and voluntary sectors.

BS 31100:2011 Risk management. Code of practice and guidance for the implementation of BS ISO 31000

Do you want to implement the key principles and guidelines of risk management (as specified in ISO 31000:2009)?

If you do then you must be someone that appreciates that risks are managed best when they follow a defined process, and that this is done in a systematic and structured way.

BS 25999-1:2006 Business Continuity Management. Code of Practice

BS 25999-1 is a code of practice that takes the form of guidance and recommendations. BS 25999-1 establishes the process, principles and terminology of business continuity management (BCM), providing a basis for understanding, developing and implementing business continuity within an organisation and to provide confidence in business-to-business and business-to-customer dealings. Also available as a laminated pocketbook

BS 25999-1:2006 (German) Business continuity management. Code of practice

German translation of BS 25999-1:2006

BS 25999-1:2006 (Spanish) Business continuity management. Code of practice

Spanish translation of BS 25999-1:2006 (Paperback)

BS 25999-1:2006 (French) Business continuity management. Code of practice

French translation of BS 25999-1:2006

BS 25999-2:2007 Business Continuity Management. Specification

BS 25999-2 specifies requirements for establishing, implementing, operating, monitoring, reviewing, exercising, maintaining and improving a documented Business Continuity Management System (BCMS) within the context of managing an organisation’s overall business risks. Also available as a laminated pocketbook

BS 10012:2009 Data protection. Specification for a personal information management system

The British Standard, BS10012 Data protection. Specification for a personal information management system has been developed to establish best practice and aid compliance with data protection legislation. It is the first standard for the management of personal information.

|

BS ISO/IEC 27031:2011 Information technology. Security techniques. Guidelines for information and communication technology readiness for business continuity

BS ISO/IEC 27031:2011 describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, it will help you improve your ability to deal with stressful situations.

BS 31100:2008 Risk management. Code of practice

BS 31100 is a key standard for risk management. It gives you an understanding on how to develop, implement and maintain effective risk management within your business. Using BS 31100 effectively can help you increase your company's effectiveness.

BS ISO 31000:2009 Risk management. Principles and guidelines

BS ISO 31000 is the international standard for risk management. It provides principles and generic guidelines on risk management.

BS ISO 31000 is a useful standard for any public, private or community enterprise, association, business, group or individual. BS ISO 31000 applies to any activity in a business including strategies and decisions, operations, processes, functions, projects, products, services and assets. It also applies to any type of risk, whatever its nature, whether having positive or negative consequences.

BS ISO/IEC 27001:2005 Information technology. Security techniques. Information security management systems. Requirements

BS ISO/IEC 27001:2005 covers all types of organisations (e.g. commercial enterprises, government agencies, non-profit organisations) and specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system (ISMS) within the context of the organisation’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organisations.

New published documents

PD 25111:2010 Business continuity management. Guidance on human aspects of business continuity

PD 25666:2010 Business continuity management. Guidance on exercising and testing for continuity and contingency programmes

Online tools

BS 25999-2 Business Continuity Self-assessment Online

BSI BS 25999-2 Business Continuity Self-assessment online toolkit has been designed specifically to make it easy to work across multiple sites and with multiple users, though you can just as easily use it as a standalone application.

Publicly Available Specifications

A Publicly Available Specification (PAS) is a standard developed by BSI British Standards commissioned by an external organization. Such external bodies have included, UK Government, trade associations and private companies.

PAS 97:2009 A specification for mail screening and security

This Publicly Available Specification (PAS) has been written to help prevent attacks on mail systems. PAS 97 is a specification for mail screening and security to help organizations reduce the risk of harm to operations and staff. Publication comes just weeks after the Government updated its anti-terror strategy to take account of the increased likelihood of a chemical or biological terrorist attack in Britain.

PAS 79:2007 Fire risk assessment. Guidance and a recommended methodology

PAS 79:2007 Fire risk assessment. Guidance and a recommended methodology is a comprehensive Publicly Available Specification (PAS) that gives a nine-step structured approach and corresponding documentation for conducting and recording significant findings of fire risk assessments in buildings across three legislative regimes, namely that in England and Wales, that in Scotland and the unchanged legislation in Northern Ireland (which will not change until, at least, later this year).

PAS 2015:2010 Framework for health services resilience

Publicly Available Specification (PAS) 2015 recommends techniques for improving and maintaining resilience for NHS-funded organizations that build on the activities that are already in progress within the organization.

Books

A Risk management approach to business continuity. Aligning business continuity with corporate governance

This book looks at the concepts of risk management and business continuity management from a holistic approach, and encourages organisations to go deeper when developing business continuity plans to see it as an opportunity for growth, not just a survival plan. It will be a useful tool for risk managers and continuity managers, and of broader interest to all senior management.

Auditing Business Continuity Management Plans

This is an essential guide for those seeking to implement BS 25999, the BCM standard. It will help ease the introduction of BCM using BS 25999 by providing instructions on using internal audits to ensure that the implementation is undertaken in a controlled and managed way. The book also introduces the role of the external assessors and explains how internal audits can be used to prepare the way for these external assessments as well as making them quicker and easier to undertake, therefore potentially reducing costs and business impact.

Disaster and Emergency Management Systems

This book is the guide to the key benchmark standard for implementing a business continuity management (BCM) system. It provides a strategic overview of the key steps that organisations should take to ensure that the risks of catastrophic failure are proactively minimized. It is written as a guide for anyone responsible for disaster and emergency management, with advice on how to design a disaster and emergency management system for any organisation, including hospitals, the police force and airline companies.

Exercising for Excellence: Delivering a Successful Business Continuity Management Exercise

This "how-to" book provides a straightforward and practical guide for anyone with responsibility for the planning and delivery of business continuity management (BCM) exercises. The book is an insider’s guide to conducting successful business continuity exercises. It will enable you to test and evaluate the effectiveness of your current incident management capability and business recovery plans.

Managing Risk and Resilience in the Supply Chain

This practical book explores the co-dependence of suppliers and receivers and looks at the difficult task of managing risk between these parties.

The Risk Management Universe: a guided tour

This book brings together leading experts from various risk, management fields to share key insights into what makes their part of the risk management universe unique. Each contributor describes current best practice in their area of expertise, as well as outlining areas for future development.

The Route Map to Business Continuity Management. Meeting the Requirements of BS 25999

This popular book, The Route Map to Business Continuity Management: Meeting the requirements of BS 25999 has been written to help those managers who have decided to introduce BCM into their organisation. It includes case studies and templates to assist with the various stages of the BCM process. It is based on the highly acclaimed British Standard for BCM, BS 25999, Parts 1 and 2 and on the plan-do-check-act model used by BS 25999-2 and other management systems, such as ISO 9001.

DVDs

Risk maker risk taker. A manager's guide to risk – DVD

This DVD shows managers throughout your organisation the steps to manage the risks in their environment. It gives them an insight into the cracks that can occur in the risk process, which could threaten the organisation’s ability to achieve its objectives, and in some cases its survival.