Organizational Resilience – Positioning Against ISO 22301-Based Business Continuity
Wolfgang Mahr
Approaches and methods to successfully and sustainably run businesses are being rapidly developed. Recently, the term of Organizational Resilience was...
Approaches and methods to successfully and sustainably run businesses are being rapidly developed. Recently, the term of Organizational Resilience was interpreted as being the new expression for the term Business Continuity. According to industry sources,...
Business Continuity Management vs. Information Security vs. IT Disaster Recovery
For outsiders, it’s not easy to distinguish among the specific purposes of Business Continuity Management (BCM), Information Security (IS), and...
For outsiders, it’s not easy to distinguish among the specific purposes of Business Continuity Management (BCM), Information Security (IS), and IT Disaster Recovery (IT DR). All three areas have something to do with “security,” “losses,”...
Beyond the BCM Manager: Additional roles to consider during the disruptive incident
Rhand Leal
A crisis or disaster is something that no organization, regardless of its size, wants to go through. Because of this,...
A crisis or disaster is something that no organization, regardless of its size, wants to go through. Because of this, many of them adopt business continuity practices, such as Business Continuity Management Systems (BCMS) based...
ISO 22301 Case study in the travel industry: Business continuity as a necessity in customer care
Business continuity protects an organization from the impacts of business disruptions. The goal is to provide a certain level of...
Business continuity protects an organization from the impacts of business disruptions. The goal is to provide a certain level of products and services to customers during disruptions. But, what do industries need in order to...
Where does information security fit into a company?
Dejan Kosutic
Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate...
Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate from it, part of some compliance or risk department, etc. But, before we determine who...
Incidents in ISO 22301 vs. ISO 27001 vs. ISO 20000 vs. ISO 28003
Management system standards, especially those dealing with security and interruptions of business processes, use the term “incident management.” As these...
Management system standards, especially those dealing with security and interruptions of business processes, use the term “incident management.” As these management system standards deal with different aspects of managing business processes (IT Service Management, Information...
How to use ISO 22301 for the implementation of business continuity in ISO 27001
One of the biggest mysteries in ISO 27001 implementation is the Annex A section A.17, which speaks about business continuity management....
One of the biggest mysteries in ISO 27001 implementation is the Annex A section A.17, which speaks about business continuity management. How does business continuity relate to information security, and why is it included in ISO...
How to perform business continuity exercising and testing according to ISO 22301
Exercising and testing of business continuity plans is quite a controversial topic – some people say that it costs too...
Exercising and testing of business continuity plans is quite a controversial topic – some people say that it costs too much, while others maintain that it has no purpose because they cannot perform the full...
The most popular ISO 27001 & ISO 22301 blog posts
This is my 100th blog post! When I started this blog four years ago, I never dreamed I would have...
This is my 100th blog post! When I started this blog four years ago, I never dreamed I would have that many things to write about… And yet, the more I write, the more ideas...
Setting the business continuity objectives in ISO 22301
Business continuity objectives are, along with the business impact analysis, probably one of the most difficult elements of ISO 22301...
Business continuity objectives are, along with the business impact analysis, probably one of the most difficult elements of ISO 22301 implementation. Most of the business continuity implementers have problems like these: Which types of objectives...
