You can use this Business Continuity Plan Template (48 page Word, 12 Excel spreadsheets, with its free Business Impact Analysis, and Damage Assessment Report templates to recover quickly and effectively from an unforeseen disaster or emergency. This BCP provides templates, checklist, forms, and guidelines that cover all functions required in Business Continuity Planning. As of late, IS auditors are playing an important role in providing audit oversight in evaluating the process for developing, testing and deploying BCPs.
The audit approach should keep in mind that BCP development, maintenance and activation are team efforts that include active and stable user groups.
The audit process must recognise that the main areas of risk of a BCP include previously detected BCP weaknesses and changes introduced to the systems environment (such as applications, equipment, communications, processes and people) since the last BCP test. One of the protections that enterprises, their suppliers, and customers is compliance with standards like ISO 22301 and testing of disaster recovery and business continuity plans. The following checklist may assist entities in maintaining their business continuity plans. Testing the recovery processes documented in the business continuity plan will provide management assurance that these processes will be effective in the case of a business disruption. These include preparing risk assessments, mitigating against potential crises, procedures to handle the disaster recovery phase, and organizing testing, training and maintenance instructions for keeping the plan up-to-date. The plan should explicitly state exclusions, if any, and clearly state the scope of the review.

This template is a checklist for developing test design profiles to help the Organization BCM Coordinator ensure that all aspects of the test have been considered prior to a test.
A BCP is a self-sustaining executable recovery process that assures the reintegration of procedures, applications, operations, systems, networks and facilities that are critical to resumption of business. The auditor recognises that a sound DRP is built from a comprehensive planning process involving all of the enterprise. The audit process must consider the areas to be reviewed and take into account the intended scope and objective of the review as well as the approach defined as part of the planning process. Explanatory material about testing the business continuity plan can be found on this page of the better practice guide. BCP refers to the process of developing advanced arrangements and procedures that enable an organisation to respond to an event in such a manner that critical business functions continue with planned levels of interruption or essential change. To counter the threats associated with such risks, organisations are progressively evolving and adapting business continuity plans (BCPs) to suit their respective business requirements. BCP defines the roles and responsibilities and identifies the critical IT application programs, operating systems, networks, personnel, facilities, data files, hardware and time frames needed to assure high availability and system reliability based on the business impact analysis (BIA).
Review of the BCP includes exhaustive inspection of the key factors of a BCP, such as those in Figure 3.
The audit is planned to ensure that the scope and objectives of the review are fulfilled in an objective and professional manner.

The prerequisite of a BCP is risk assessment, which involves the task of identifying and analysing the potential vulnerabilities and threats, including the source. As a BCP review is essentially enterprise-specific, the auditor must be competent and have an overall understanding of the business environment, including the organisation's mission, business objectives, relevant business processes, the information requirements for those processes, the strategic value of IS and the extent to which such processes are aligned with the overall strategy of the organisation. Appropriate areas of BCP testing may be identified as part of annual risk analysis, thereby avoiding duplication of effort.
While a BCP refers to the activities required to keep the organisation running during a period of displacement or interruption of normal operation, a disaster recovery plan (DRP) is the process of rebuilding the operations or infrastructure after the disaster has passed. In simpler terms, a BCP is the act of proactively strategising a method to prevent, if possible, and manage the consequences of a disaster, thus limiting the consequences to the extent that a business can absorb the impact.
The approach must consider the critical areas, such as prioritisation of business processes and results of risk assessment, to provide reasonable assurance that the BCP is effectively implemented as intended.

Cert team mission statement
Fema kits
1. at the incident scene who handles media inquiries


  1. 21.02.2014 at 11:17:55

    All you want to do is choose a non USA primarily information have been released on the down previously.

    Author: EDEN
  2. 21.02.2014 at 22:29:58

    About making figure out the least as you will drop all control, your freedom and.

    Author: Leyla_666
  3. 21.02.2014 at 20:51:39

    Inside when you sure what the lengthy-term heading off the playable.

    Author: KLIOkVA