Scope, Assumpions, Approach, Structure & Targets
This site aims to provide an introduction to establishing a Business Continuity Management process within an organisation in order to mitigate the technology and information continuity risks identified as part of Risk Management.
In order to maintain availability of IT and information the organisation needs to understand
- which processes are critical;
- how quickly they must to be restored;
- what are the IT and information required in order to keep these critical processes running.
Using this information, ICT and Information Security (IS) professionals are able to determine the actions that must be performed to ensure that the IT and information requirements of the critical processes can be met, despite a disruptive event. This includes ensuring that the ICT and IS staff are available within the required timeframes and the identification of an alternative site(s) from which to work should it become necessary. This information is detailed within the Business Continuity Plan (BCP).
Once ICT and IS are operational again, the operational teams will be able to work from their IT Service Continuity Plan to restore the critical IT components and information required to support the critical processes.
-
Interoperable EU Risk Management ToolboxThis document presents the EU RM toolbox, a solution proposed by ENISA to address interoperability concerns related to the use of information...
-
Interoperable EU Risk Management FrameworkThis report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents...