Standards

Information and Advice on Standards

BSI Organizational Resilience Standard BS 65000 DPC - comment now

BS 65000 Organization Resilience Standard
 
For the past few years one of the BSI committees has been working to develop a guidance standard that can be used by organisations to better direct, inform and support their Organizations and positively impact on its resilience.
 
The Standard known as “BS 65000:2014 Guidance on organizational resilience” has challenged the author group and been through extensive revisions before finally getting to the Public comments stage. 

BIS Cyber Hygiene Profile - CALL FOR REVIEW

BIS CYBER HYGIENE PROFILE DRAFT REVIEW - COMMENTS NEEDEDFeedback is needed from industry on the first draft of the Cyber Hygiene Profile developed by BIS and intended to identify the basic cyber controls that should be present in business.
 
The current draft can be viewed and comments submitted through the BSI’s Draft Review System and the review will close on the 16th March, 2014.

BIS Cyber Risk developments aim to build UK Capacity in SME's

In March 2013, the UK Department for Business, Innovation and Skills issued a “Call for Views and Evidence”  that built on the commitments made in the 2011 Cyber Security Strategy published by government.

The Call for Evidence focused on the intention of government to encourage the adoption of industry led standards that can be used by organisations to  improve the management of cyber risk. The particular focus of this work stream, that is part of a series of connected developments across business and government, was centred on the needs of SME companies.

National Occupation Standards for Business Continuity - your feedback needed

National Occupation Standards for Business Continuity
 
Since 2011 the Continuity Forum has been working with Skills CFA to develop Business Continuity skills and qualifications for use in the workplace. 
 
We are now conducting a review of the Business Continuity Management (BCM) suite of National Occupational Standards (NOS).
 

Shaping Cyber Risk management for the UK | are you playing your part?

 
Can you help create a framework for Cyber Risk management for the UK?
 
The Department of Business, Innovation and Skills (BIS) is looking at how to help business improve its management of Cyber Risk through a process of industry engagement that is trying to identify how standards can be used in this process. 
 

The future for ISO 31000 | TC 262 Risk Management Survey | Standards

 
BSI Home pageISO Home page
The future of ISO 31000
Risk Management
HAVE YOUR SAY

 
We would really like your contribution to the future developemnt of ISO 31000 – Risk management - Principles and guidance and ISO Guide 73 - Risk management- Terminology.  These important ISO guidance documents are currently being considered for revision and the ISO technical committee, TC/262 – Risk Management –responsible for this work and the BSI has established a group to obtain feedback from risk professionals, users of the standards, and other relevant stakeholders.  
 
Your input into this review is very important and will be fed directly into ISO TC/262.
 
We are looking for your thoughts and use of Risk Management standards to help us develop a better understanding of how ISO 31000 can evolve and what aspects could be developed further. 
 
For more details please contact the Continuity Forum here or call Sara McKenna on +44 (0) 208 993 1599
 

Shaping the European Standardisation Roadmap of Crisis Management and Civil Protection

 
(Workshop M/487)
Date: 09 April 2013
Location:City of Edinburgh Council, UK
 
Background
 
The European Commission, pursuing the increase of the global competitiveness of EU security industry while enhancing the security of Europe, has requested the European Standardisation Organisations (ESOs) to draft three European standardisation roadmaps in the security sector under action 1 in their Communication on Security Industrial Policy.
 

Risk Management Workshop Series - Edinburgh - London - Bristol

 
Continuity Forum Risk Management workshop series Risk Management Workshop series
 
Edinburgh - London - Bristol
24th January, 14th & 19th February 
 
These Risk Management Workshop sessions form part of the process of review and feedback on the developing nature of Risk Management standards and have been developed by the Continuity Forum and the BSI. 
 
They have been designed to flow together, creating engagement and drawing people into meaningful discussions on key issues surrounding Risk Management Standards and how it connects to other professional disciples that use Risk Management techniques such as Business Continuity, Resilience and Security Management. 
 
In addition, we are seeking to develop insight and support on the potential for Standards based Risk Management to positively contribute to the UK's management of Climate Risk through the National Adaption Programme (NAP).  
 

ISO 22313 GUIDANCE for Business Continuity published (ISO 22301)

 

Visit the BSI Shop
Introducing the latest international standard ISO 22313
 
The Guidance for Business Continuity management standard ISO 22301
 
BS ISO 22313 Societal security — Business continuity management systems — Guidance offers global best practice to organizations implementing an effective Business Continuity Management System (BCMS).
 
Acting as the guidance document for ISO 22301, the standard provides a more intuitive framework to those pursuing business continuity best practice. It is a key milestone to support the uptake and implementation of effective BCM worldwide.
Together, these BCM standards seek to support organizations in their on-going challenge to improve business resilience in the face of unforeseen circumstances such as bad weather or civil unrest.
 

So you think you're an auditor?

submitted article
 
Why BCM Audit need special consideration You are implementing a business continuity management system (BCMS) for the first time and you discover that one of the requirements is to conduct “internal audits”. What do you do? Who should be the auditor? Do they need to be trained? All valid questions (along with scores of others which you will doubtless ask yourself) which invariably will be rushed through without much thought into what is trying to be achieved (apart from a tick in the BCMS/certification box). 
 
Done well, audits are an excellent way for your business to learn what’s working and what needs to be improved but done badly they soon become robotic and worse, potentially divisive. Internal audits are a requirement of any management system standard so if you are committed to implementing a meaningful BCMS you might as well do it properly from the outset.
 
 

New ISO cybersecurity standard published.

 

This new ISO standard (27032:2012) will help ensure safety of online transactions and personal information exchanged over the Internet, and protect your computer when browsing any Websites.

We nearly all rely on the Internet for all kinds of day to day activity in our business and personal lives, from sharing important work files to paying our bills and cybersecurity has become a key concern for all of us. A new ISO standard, ISO/IEC 27032:2012, Information technology – Security techniques – Guidelines for cybersecurity, will make cyberspace safer.

Video - Business Continuity Implementation and certification to ISO 22301

The session is part of the Continuity Forum webinar series and was first broadcast in September 2012.

Hilary Estall of Perpetual Solutions is our guest for the session and she outlines how the migration can be more easily made from other standards such as BS 25999-2 to the new ISO and what the auditor is likely to focus on when assessing your system.

This video is approximately 48 minutes long.

 

Business Continuity Standard ISO 22301 Implementation and Certification Webcasts - FREE

 
Your guide to Business Continuity Certification to ISO 22301
FREE WEBCASTS ON IMPLEMENTATION and CERTIFICATION to ISO 22301
 
Our Webinars focusing on the new ISO Business Continuity Standard 22301 really have been incredibly popular with a response that has even taken us by surprise!
 
Following on from the Continuity Forum Webcasts in May, June and July we are adding four more sessions starting in late August and through September covering the next steps for organisations. We are now taking bookings and places will be limited so prompt action is recommended.
 

ASIS to develop Supply Chain Risk Management Standard

 
ASIS International ASIS, the International group for Security Professionals, founded in 1955 and based in Virginia in the US, has started work on a new Guidance Standard for Supply Chain Risk Management with the first Technical Committee meeting held this week with Russell Price is representing the Continuity Forum.   
 
This new project addressing Supply Chain Risk comes at an opportune time hot on the heels of ISO 22301 and when completed, hopes to provides a framework for collecting, developing, and implementing best practices for supply chain risk management (SCRM).
 
The SRCM Standard is intended to be primarily a practitioner's guide and will help connect many of the diverse processes that span Business Continuity and Risk Management. The final guidance when released will provide specific good practice guidelines that can be included or adapted to fit organizations needs as well as outlining possible approaches across a range of scenarios for an organization to consider, including examples of tools other organizations have used.
 
Whilst there is a current Standard (ISO 28000:2007) many feel more support is needed to support the development of more effective Supply Chain Risk, Resilience and Continuity Management and we hope this SCRM project will add substantial to the thinking and practices used across the relevant sectors and markets.  
 
 
 
 
If you would like to know more about our work in this area or if you have suggestions for key areas that need to be included in the Guidance please do get in touch HERE
 

 

 

Business Continuity - BS 25999, ISO 22301 and ISO 22313

 
Click to visit the BSI
In May 2012, the International Standardization Organization (ISO) published ISO 22301 – Business continuity management systems – Requirements.  Although this standard was long in the making the response has been very positive - and with the promise of ISO 22313 – Business continuity management – Guidance – before the end of this year, it seems it was worth the wait.  
 
ISO 22301 blends the requirements from several national standards, including those from the USA, Japan, Singapore, Canada and Australia.  The similarity with BS 25999-2, however, is most evident.  A comparison of the BS and ISO standards reveals little difference in the requirements.  And in Clause 8 of the ISO, where the business continuity programme requirements reside, the text is identical in many places.
 
Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...