Various standards and legislation relate to business continuity management - this page overviews the main ones

£80 including post and packing to BCI members
£90 including post and packing to non-members.
Click here to place your order. Payment must accompany order.

BS25999 Part two
BS 25999-2 specifies requirements for establishing, implementing, operating, monitoring, reviewing, exercising, maintaining and improving a documented Business Continuity Management System (BCMS) within the context of managing an organization’s overall business risks.

The requirements specified in BS 25999-2 are be generic and intended to be applicable to all organizations (or parts there of), regardless of type, size and nature of business. The extent of application of these requirements depends on the organization's operating environment and complexity.

Therefore the design and implementation of a BCMS to meet the requirements of this standard will be influenced by regulatory, customer and business requirements, the products and services, the processes employed and the size and structure of the organization. It will not be the intent of this British Standard to imply uniformity in the structure of a BCMS but for an organization to design a BCMS to be appropriate to its needs and that meets its stakeholder’s requirements.

BS 25999-2 can be used by internal and external parties, including certification bodies, to assess an organization’s ability to meet its own business continuity needs, as well as any customer, legal or regulatory needs.

Please note that if you wish to purchase the PDF download of the BS25999-2 the price will be £90.00, Unfortunately the BSI currently have no facility to offer any form of promotional discounts in their online shop.

However, if you wish to purchase a hard copy, please complete the order form and send to the address indicated. The price for this will be £80 for BCI members and £90 for BCI non members.

NFPA 1600
The North American business continuity standard: download the 2007 edition (PDF)

ISO/PAS 22399:2007
ISO publishes international benchmark for incident preparedness and operational continuity management

ISO has published the first internationally ratified benchmark document addressing incident preparedness and continuity management for organizations in both public and private sectors.
The Publicly Available Specification ISO/PAS 22399:2007, Societal security – Guideline for incident preparedness and operational continuity management, is based on best practice from five national standards from Australia, Israel, Japan, the United Kingdom and the United States.

More details. (PDF)

BS ISO/IEC 27002:2005, BS 7799-1:2005
A standard for an Information Security Management System. Following the requirements of ISO/IEC 27002., you will identify, manage and minimise the range of threats to your information. By using ISO/IEC 27002. as the basis for your ISMS, you can become registered by BSI. More details can be found at http://www.bsi-global.com/en/Shop/Publication-Detail/?pid=000000000030166440

ITIL
Continuity Management, IT Security and Availability Management appear as part of the IT Infrastructure Library’s Service Delivery management practices; designed to ensure that IT services are provided and remain as intended.

Risk management
The IRM’s Risk Management Standard was the result of extensive work by a team drawn from the major risk management organisations in the UK including the IRM, AIRMIC and ALARM. The standard can be downloaded or ordered from www.theirm.org/publications/PUstandard.html

Singapore Technical Reference for business continuity
New business continuity guidelines are being launched in Singapore. Entitled the ‘Business Continuity Management Technical Reference’ the document is the result of a project spearheaded by the Singapore Business Federation (SBF) with the support of the Singapore Economic Development Board and SPRING Singapore. BCI helped to review the standard. Read the full story