"Contingency planning and disaster recovery were largely information technology-led responses to natural disasters and terrorism that affected businesses during the 1980s and early 1990s."
This need has become a business-led process and encompass preparing for many forms of disruption. So the discipline became known as business continuity management (BCM). ISO
(International Standardization Organization) has developed an standard ISO 22301 for BCM which can be used by organizations of all sizes and types.
Today in several countries this standard is driving what all entities -public & private- use to mitigate the effects of disruptive incidents -natural, health, terrorism, crime- on society. Also, businesses recognized their dependence on each other and sought assurance of keep in business.
So information is an asset that can be harmed by different incidents and OPE/CON/DES teams have to take in consideration every potential risk that could jeopardize the OPEration of a Mission Critical facility (Data Centre, Hospital, C4, and so on). This situation has let a "new" class of resources to minimize, mitigate, restore and continue the organization business.
BCM is not an island among all other organization´s functions but one that has to stick Policies, Process, People & Infrastructure. Today we can not think that if our facility (DC, Comm rooms) are OK, this will keep the organization running with key suppliers and partners would continue to provide key products and services, even when incidents occurred. Among all of this the IT systems are a corner stone for the BC.
As we can imagine to run a business we have to understand all the interactions (environment, place, suppliers, market, transport, storage,............) it has to find out which are the RISKs that exist for "doing business.
Risk Assessment, Business Impact Analysis, BC planning are just basic tools to BE PREPARE -as scouting- to response to all and any topics that our organization will face during the time.
And all of them have to be RE asses in a period term (at least every year or when an incident occurs) to avoid our complacency.
Business Continuity is not new "NOAHs Ark" is a clear sample that show us that mankind have been always aware about life is dangerous, not only for organization but humans too.
Or what dio you think?
roberto sánchez, RCDD