Business Continuity Management (BCM) is a management process that identifies risk, threats and vulnerabilities that could impact an entity's continued operations and provides a framework for building organizational resilience and the capability for an effective response.
The objective of Business Continuity Management is to make the entity more resilient to potential threats and allow the entity to resume or continue operations under adverse or abnormal conditions. This is accomplished by the introduction of appropriate resilience strategies to reduce the likelihood and impact of a threat and the development of plans to respond and recover from threats that cannot be controlled or mitigated.
The Professional Practices are a body of knowledge designed to assist the entity in the development and implementation of a BCM program. Use of the Professional Practice framework can increase the likelihood that no significant gaps will be present in your program as well as increase the likelihood that the various parts of the program will work cohesively in an actual event. These Professional Practices are intended to serve as both a guide for BCM Program development, implementation and maintenance and as a tool for conducting audits of an existing program. Using the Professional Practices to audit a program can identify program gaps or deficiencies so they may be corrected before an event occurs
The Professional Practices have been developed and maintained by experienced Business Continuity professionals to provide a consistent framework for the industry, to assist others who wish to enter this field with the body of knowledge to develop the skills needed and to assist organizations in benchmarking their program against accepted and proven practices.
CHECK OUT THE NEW LOOK OF DRI’S PROFESSIONAL PRACTICESAND DOWNLOAD THEM TOO!
To access the DRI Professional Practices, please login to your profile, click on the Resources tab and "Knowledge Garden."
You can download the all 10 professional practices in one PDF that make them easier to read and use as a reference.
3. Business Impact Analysis
4. Business Continuity Strategies
5. Incident Preparedness and Response
6. Plan Development and Implementation
7. Awareness and Training Programs
Establish and maintain training and awareness programs that result in personnel being able to respond to disruptive incidents in a calm and efficient manner.
8. Business Continuity Plan Exercise/Test, Assessment, and Maintenance
Establish a business continuity plan exercise/test, assessment and maintenance program to maintain a state of readiness of the entity.
9. Crisis Communications
10. Coordination with External Agencies and Resources
Establish policies and procedures to coordinate response activities with applicable public entities and private resources in accordance with Professional Practice Five: Incident Preparedness and Response.