Bcm Glossary

Click here to load reader

  • date post

    20-Jul-2016
  • Category

    Documents

  • view

    19
  • download

    0

Embed Size (px)

Transcript of Bcm Glossary

  • January2011

    DICTIONARYOFBUSINESSCONTINUITYMANAGEMENTTERMS

    LyndonBirdFBCI

  • TheBCI2011 2|P a g e

    DictionaryofBusinessContinuityManagementTerms

    TableofContents

    SOURCESANDREFERENCES.........................................................................................................3

    A(ActivationtoAwareness)...........................................................................................................4

    B(BacklogtoBusinessUnitBCMCoordinator)................................................................................6

    C(CallTreetoCulture)...............................................................................................................10

    D(DamageAssessmenttoDowntime).........................................................................................15

    E(EmergencytoExercise)...........................................................................................................17

    F,G(FacilitytoGRC)....................................................................................................................19

    H(HACCPtoHotSite).................................................................................................................20

    I,J(ICTContinuitytoJustinTime)..............................................................................................21

    K,L(KPItoLoss).........................................................................................................................23

    M(ManagementSystemtoMTO).................................................................................................24

    N(NEMAtoNonconformity).......................................................................................................26

    O(ObjectivetoOutage)..............................................................................................................27

    P,Q(PDCAtoProgrammeManagement).......................................................................................28

    R(ReadinesstoRiskTreatment)..................................................................................................29

    S(SafetytoSystemicRisk)..........................................................................................................32

    T(TableTopExercisetoTraining)...............................................................................................34

    U,V(UrgentActivitytoVulnerability)............................................................................................36

    W,X,Y,Z(WalkthroughtoWorkAreaRecovery)..........................................................................37

  • TheBCI2011 3|P a g e

    DictionaryofBusinessContinuityManagementTerms

    SOURCESANDREFERENCES

    It is recognizedthatmanytermsanddefinitionsexist throughout theworldthat relatetoBCMorsynergicsubjectslikeRiskManagementandEmergencyPlanning.ItwouldbeimpossibletoincludethemallbuttheBCIdoesattempttokeepanuptodateaspossibledictionaryof importantBCMtermsandtheirsources.Terms in thisglossarywhicharealsodefined inGPG2010and/orBS25999generallyuse thesamedefinitionasthatsourcedocument.Howeversomeadditionalexplanationmighthavebeenmadetoimproveclarityandunderstanding.All other definitions and editorial notes are consolidated definitions from the various sourcedocumentsthatprovidethetermintheirglossarysections.In the columnheaded References the following codes designatewhere the termhasalso beendefined.TheBCIdefinitionwillnormallyretainthesamemeaningasinthesealternativedocumentsbutwordingwillnotnecessarilybeidentical.AGoodPracticeGuidelines2010BusinessContinuityInstituteBBS25999Parts1and2BritishStandardsInstitutionCBCM.012010AmericanSocietyforIndustrialSecurityandBritishStandardsInstitutionDAS/NZ5050StandardsAustraliaESS540SingaporeStandardsCouncilFMS1970MalaysianStandardsandAccreditationCouncilGNFPA1600SS540NationalFireProtectionAssociationXDefinitiveGuidetoBCM3rdEditionJohnWileyWherenoreferencecodeexists,thesearetermsincommonusageinBusinessContinuitybuthavenotbeencodifiedbyprofessionalbodiesornationalstandardsbodiesasyet.ThedefinitionshownisthepreferredBCImeaningofthewordorterm.

  • TheBCI2011 4|P a g e

    DictionaryofBusinessContinuityManagementTerms

    A(ActivationtoAwareness) TERM DEFINITION REFERENCES

    Activation Theimplementationofbusinesscontinuityprocedures,activitiesandplansinresponsetoaseriousIncident,Emergency,EventorCrisis.EditorsNote:SeedefinitionsforIncident,Emergency,EventandCrisis.

    Activity Aprocessorsetofprocessesundertakenbyanorganization(oronitsbehalf)thatproducesorsupportsoneormoreproductsorservices.

    A,B,C,D

    ALARP(ofrisk) Alevelaslowasreasonablypractical XAlert Aformalnotificationthatanincidenthasoccurred

    whichmightdevelopintoaBusinessContinuityManagementorCrisisManagementinvocation.

    X

    AlternateRouting Theroutingofinformationviaanalternatecableorothermedium(i.e.usingdifferentnetworksshouldthenormalnetworkberenderedunavailable).

    AlternateSite AsiteheldinreadinessforuseduringaBusinessContinuityinvocationtocontinuetheurgentandimportantprocessesofanorganization.Thetermappliesequallytoofficeortechnologyrequirements.EditorsNote:Alternatesitesmaybeknownascold,warmorhot.TheymightalsobecalledsimplyaRecoveryorBackupSite.

    D,E,F,G,X

    ASIS AmericanSocietyforIndustrialSecurity.DevelopersofUSnationalstandardsforANSIinBCMandOperationalResilience.

    ASIS/BSiBCM.012010 AUSNationalStandardforBusinessContinuityManagement.

    AssemblyPoint/Area Thedesignatedareaatwhichemployees,visitorsandcontractorsassembleifevacuatedfromtheirbuilding/site.EditorsNote:AssemblyPointorAreamightalsobeknownasInitialAssemblyPoint(IAP),RendezvousPointor(bytheEmergencyServices)MarshallingPoint.

    Asset Anythingthathasvaluetotheorganization.EditorsNote:Thiscanincludephysicalassetssuchaspremises,plantandequipmentaswellasHRresources,intellectualproperty,goodwillandreputation.

    A,B,C,X

    Assurance Theactivityandprocesswherebyanorganization

  • TheBCI2011 5|P a g e

    DictionaryofBusinessContinuityManagementTerms

    canverifyandvalidateitsBCMcapability.AS/NZ5050 AstandardforBusinessContinuitybaseduponRisk

    ManagementprinciplesproducedbytheAustralianandNewZealandstandardsbodies.EditorsNote:ThisstandardbuildsonthesuccessfulAustralianRiskManagementstandardthatformedthebasisoftheISOriskStandard.

    ATOF Recoveryattimeoffailure XATOP Recoveryattimeofpeak XAudit Asystematic,independent,anddocumented

    processforobtainingauditevidenceandevaluatingitobjectivelytodeterminetheextenttowhichauditcriteriaarefulfilled.Firstpartyauditsareconductedbytheorganizationitselfformanagementreviewandotherinternalpurposes,andmayformthebasisforanorganizationsdeclarationofconformity.Secondpartyauditsareconductedbypartieshavinganinterestintheorganization,suchascustomers,orbyotherpersonsontheirbehalf.Thirdpartyauditsareconductedbyexternal,independentauditingorganizations,suchasthoseprovidingcertificationofconformitytoastandard.

    A,B,C,D

    Auditor Apersonwithcompetencetoconductanaudit.ForaBCMAuditthiswouldnormallyrequireapersonwithformalBCMauditqualifications.

    A,B,C

    Awareness TocreateunderstandingofbasicBCMissuesandlimitations.Thiswillenablestafftorecognisethreatsandrespondaccordingly.Examplesofcreatingsuchawarenessincludedistributionofpostersandflyerstargetedatcompanywideaudienceorconductingspecificbusinesscontinuitybriefingsforexecutivemanagementoftheorganization.Awarenessislessformalthantrainingandisgenerallytargetedatallstaffintheorganization

    E

  • TheBCI2011 6|P a g e

    DictionaryofBusinessContinuityManagementTerms

    B(BacklogtoBusinessUnitBCMCoordinator) TERM DEFINITION REFERENCES

    Backlog Theeffectonthebusinessofabuildupofworkthatoccursastheresultofasystemorprocessbeingunavailableforanunacceptableperiod.Asituationwherebyabacklogofworkrequiresmoretimetoactionthanisavailablethroughnormalworkingpatterns.EditorsNote:Inextremecircumstances,thebacklogmaybecomesomarkedthatthebacklogcannotbeclearedandthisisreferredtoastheBacklogTrap.

    Backup Aprocessbywhichdata,electronicorpaperbasediscopiedinsomeformsoastobeavailableandusediftheoriginaldatafromwhichitoriginatedislost,destroyedorcorrupted.

    BaselCommitteeBCMPrinciples

    TheHighLevelPrinciplesforBusinessContinuityoftheJointForum/BaselCommitteeonBankingSupervision(publishedbyBankforInternationalSettlements,August2006.EditorsNote:ThekeyelementsoftheseHighLevelPrinciplesare:1.FinancialmarketparticipantsandsupervisoryauthoritiesshouldhaveaneffectiveandcomprehensiveBusinessContinuityManagementprocessattheirdisposal.ResponsibilityforensuringbusinesscontinuitylieswiththeBoardofDirectorsandSeniorManagement.2.FinancialmarketparticipantsandsupervisoryauthoritiesmustintegratetheriskofsignificantoperationaldisruptionsintotheirBusinessContinuityManagementprocesses.3.Financialmarketparticipantsmustdeveloprecoveryobjectivesthattakeaccountoftheirsystemicrelevanceandtheresultingriskforthefinancialsystem.4.TheBusinessContinuityPlansofbothfinancialmarketparticipantsandsupervisoryauthoritiesmustdefineinternalandexternalcommunicationmeasuresintheeventofmajorbusinessinterruptions.5.Wherebusinessinterruptionshaveinternationalimplications,thecorrespondingcommunicationconceptsmustcoverinparticularcommunicationwithforeignsupervisoryauthorities.

  • TheBCI2011 7|P a g e

    DictionaryofBusinessContinuityManagementTerms

    6.FinancialmarketparticipantsandsupervisoryauthoritiesmusttesttheirBusinessContinuityPlans,evaluatetheireffectivenessandamendtheirBusinessContinuityManagementprocessesasnecessary.7.ItisrecommendedthatsupervisoryauthoritiesassesstheBusinessContinuityManagementprogrammesoftheinstitutionssubjecttosupervisionaspartoftheongoingmonitoringprocess.

    BattleBox Acontaineroftenliterallyaboxorbriefcasein