with the application and popularization of computers, the business model has undergone tremendous changes, and people's working methods have also undergone fundamental changes. the use of computers has greatly improved work efficiency and saved a lot of manpower and material resources. people are more and more dependent on computers in production and life, and the security requirements of information systems are also gradually increasing.
business continuity refers to an organization's ability to maintain and recover business during and after a disaster. disasters here can include extreme weather, fire, floods, natural disasters, theft, it failures, employee illness or terrorist attacks. the business continuity management system framework can help enterprises formulate a complete set of integrated management process plans, enable enterprises to identify and analyze potential disasters, help them determine the threat to enterprise operations caused by possible shocks, and provide an effective management mechanisms are in place to prevent or counteract these threats and reduce losses to the business from catastrophic events.
in 2007, the guidance document iso/pas 22399 "accident response and continuity management" was successfully released. in 2012, iso 22301 was published, as a truly international standard, iso 22301 references important recommendations from australia, france, germany, japan, north korea, singapore, sweden, thailand, the united kingdom and the united states. in 2013, my country adopted and issued the national standard "requirements for public safety business continuity management system" (gb/t 30146), which was implemented on may 1, 2014. iso 22301 specifies requirements for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving a documented business continuity management system to implement protection, reduce the likelihood of disruptions, and when disruptions occur prepare, respond and recover from time to time. business continuity should also include risk assessment and business impact analysis, which are an intrinsic and fundamental part of iso 22301, are the identification of priority activities, key products and services that should be supported by dependencies and resources whose failure will have consequences for the organization impact.
gb/t 30146 "public safety-business continuity management system requirements" defines business continuity management as a set of management processes that identify potential threats to an organization and the impact that these threats may have on business operations if they occur. this process provides a framework for organizations to build self-resilience to effectively respond to threats to protect the interests of key stakeholders, reputation, brand and value-creating activities.
business continuity management is an integrated management process that enables companies to recognize potential crises and related impacts and develop response, business and continuity recovery plans. its overall goal is to improve the risk prevention capabilities of enterprises to effectively respond to unplanned business disruptions and reduce adverse effects, ensuring that the main business operations of the parties concerned can continue to operate at all times.
the business continuity management system is used to establish, implement, operate, monitor, review, maintain and improve the organization's own business continuity.is a set of management processes that identify potential threats to the organization and the impact these threats may have on business operations if they occur. these can include project planning and management, staffing, planning, forecasting, budgeting, research and development, resource management, communications, conferences, educational events, publicity and promotions, event websites, performance evaluation events, processing inquiries by day, and many other activities.
the iso 22301 management system framework can help companies formulate a set of integrated management process plans, enable companies to identify and analyze potential disasters, help them determine the threat to business operations caused by possible shocks, and provide an effective management mechanism to stop or neutralize these threats and reduce losses to your business from disaster events.
the business continuity management system is suitable for organizations with high requirements for business stability, such as financial organizations, banks and insurance companies, business departments of government agencies, large enterprises, etc.
○ "gb/t 30146-2013/iso 22301:2012 public safety business continuity management system requirements"
○ "gb/t 22080-2016/iso/iec 27001:2013 information technology security technology information security management system requirements"
○ "iso/iec 20000-1 information technology service management part 1: service management system requirements"
○ iso 31000 risk management guidelines
○ "iso 22313 guidelines for public safety business continuity management systems"
from a business perspective:
enhances organizational resilience to business disruption contingencies, enhances organizational resilience, creates competitive advantage, and protects and enhances its reputation and credibility.
from a financial perspective:
at present, the operating pressure of enterprises is increasing sharply, and the establishment of a good business continuity management system will directly and indirectly reduce the cost of interruption and recovery.
from an internal process perspective:
actively control risks, reduce the possibility of interruptions, effectively improve the business capabilities of enterprises, and solve the operational loopholes of enterprises.
tel: 86-400 821 5138
fax: 86-21 3327 5843
email:noa@noagroup.com
