It is critical that businesses plan for the potential disruptions to operations that can be caused by everything from minor accidents to major disasters.  Maintaining business continuity has become a vital requirement of all organizations.  The BS 25999-2:2007 standard for Business Continuity Management (BCM) was developed to establish the minimum standards for an effective BCM system (BCMS).

By identifying and outlining the elements of an effective BCMS, the standard is designed around keeping a business operating at required levels during any emergency.  An effective BCMS will help you safeguard critical resources and staff, protect your reputation and brand value, and keep your critical business functions operating.  The outcome is protection of shareholder value and the bottom line.

Business continuity, risk management, and disaster recovery have existed for a long time.  BS 25999-2 provides a more comprehensive means to BCM, supported by enterprise-wide planning and procedures, and it introduces a full lifecycle and PDCA approach.  It is an auditable standard, so organizations have a framework for continual improvement and demonstrating to stakeholders that they meet best practice.

Who needs BS 25999-2?

BS 25999-2 was developed by experts from a cross-section of industry and government bodies.  It can be applied to small or large organizations, and it is particularly valuable for high risk industries such as information service providers, banking, telecom, and utilities where high availability is crucial.  For organizations with less risk, BS 25999-2 can meet the BCM needs of critical groups, divisions, and support functions.  Since Risk Assessment is a fundamental piece of your BCM strategy, any organization can utilize BS 25999-2 to develop a proportionate and effective implementation (of the standard and best practice) and ensure operations are sustainable given an unexpected event.

What are the benefits?

An effective and certified BCMS:

• Outlines a proven framework on which an organization can base its BCM system
• Improves an organization’s resilience when encountering unexpected events
• Provides a measured and planned response organization-wide when an event occurs
• Creates competitive advantage, reputation, and brand value in the marketplace through reliability and high availability
• Identifies opportunities for improvement by developing a clearer understanding of the organization and risk levels
• Demonstrates compliance and commitment to contracts, applicable laws, and government regulations
• Reduces costs by eliminating or minimizing the lost productivity that results from interrupted operations

The standard specifies how an organization develops a BCMS.  It specifies the requirements for designing, implementing, and managing a BCMS.  It reinforces:

• Understanding the business and risks that underlie an effective BCMS
• Operational controls and measurements that help an organization manage business continuity
• Management, monitoring, and review of performance and effectiveness of an organization’s BCMS
• Continual improvement based on an effective strategy and objective measurement of the system

Like other management systems, such as ISO 9001, ISO 27001, and ISO 14001, a BCMS has the following elements:

• A BCM policy
• Identification of resources, competency, and responsibilities
• Management processes that address:
  • BCM policy
  • System planning
  • Implementation and operation of the BCMS
  • Performance assessment and measurement
  • Management review
  • Continual improvement
  • Documentation and auditable evidence of effectiveness
• Business and organization –specific processes and outcomes such as risk assessment, business impact, contingency planning, response, and overall BCM plan development
• The Plan-Do-Check-Act (PDCA) cycle for establishing, implementing, operating, monitoring, maintaining, and improving the effectiveness of an organization’s BCMS

Certification can happen once your management system is ready.  The typical certification process involves an on-site pre-assessment (gap analysis) if you desire, readiness review of your BCMS documentation, the certification audit itself, closure of any open issues, a review by the registrar, and issuance of your certificate.  Certification costs are typically small compared to the cost of implementing the system.  Fees are typically driven by the size of your company, complexity, and audit days required.  With some basic information about your company, SRI can easily provide a no-obligation, detailed cost proposal.

SRI is a Full-Service, Accredited Registrar

As acceptance of international standards has grown, so has SRI. Established in 1991, SRI was one of the first five registrars in the U.S.  SRI now serves over 40 manufacturing and services industries across North America, Asia, and Europe.

SRI Auditors Make the Difference

From its leadership role, SRI has built its business by employing the best auditors in the field. Our senior auditors are seasoned professionals averaging more than 25 years of experience. They know the standards and the industry so they can step right in and add value to your audit.

We know you have a choice.

Here’s why you should choose SRI:

· Accredited by ANAB, RvA, and IATF, SRI offers registration to a full range of standards to meet all your business needs

· SRI’s web-based e-VENTS system, integrated with our fully automated operation support, puts all your sites’ audit schedules, plans, and results at your fingertips when you need it, where you need it

· SRI uses the same audit team across audit events for greater consistency and effectiveness

· We offer Pre-Assessments and two-stage Registration and Renewal audits that give you one-on-one time with a lead auditor and an early look at your system, which leads to a smoother registration audit

· SRI’s no-surprises, practical, open-book approach builds strong, long-lasting relationships

· We are one of the top five U.S. owned and operated registrars, and among the first to be QS-9000 and ISO/TS 16949 qualified. Decisions regarding your business and registration are timely and made right here by the Leadership team you work with throughout your registration

· SRI’s membership in key QMS and EMS technical advisory groups, and participation in industry standards development and oversight, ensure you are among the first to know about changes that will affect your business

· Training conducted by our lead auditors on standards and requirements gives you the practical, hands-on knowledge you need to succeed

· Our organization is the right size to provide responsive, one-on-one service to every client.  We are ready when and where you need us

Call SRI today to discuss BS 25999-2 and how SRI can help you safeguard your business. SRI is ready. (724) 934-9000.