Business Continuity Requirements and Scope
Contents 1
Introduction ............................................................................................................... 8
2
Organizational context ............................................................................................... 9
3
4
2.1
Activities ..................................................................................................................... 9
2.2
Functions ..................................................................................................................... 9
2.3
Services ..................................................................................................................... 10
2.4
Products .................................................................................................................... 10
2.5
Partnerships .............................................................................................................. 11
2.6
Supply chains ............................................................................................................. 11
2.7
Potential impact of a disruptive incident .................................................................... 12
Objectives and policies ............................................................................................. 13 3.1
Business objectives .................................................................................................... 13
3.2
Business policies ........................................................................................................ 13
3.3
Business continuity objectives .................................................................................... 13
Risk management ..................................................................................................... 15 4.1
Risk management strategy ......................................................................................... 15
4.2
Risk appetite .............................................................................................................. 15
4.3
Internal uncertainty factors ........................................................................................ 16
4.4
External uncertainty factors ....................................................................................... 16
4.5
Risk criteria................................................................................................................ 17
5
Understanding the requirements of interested parties ............................................. 18
6
Purpose and scope of the BCMS ............................................................................... 21 6.1
Purpose ..................................................................................................................... 21
6.2
Scope of the BCMS ..................................................................................................... 21
6.2.1 6.2.2 6.2.3 6.2.4
Organizational ........................................................................................................................... 21 Products and services ................................................................................................................ 21 Activities.................................................................................................................................... 22 Exclusions .................................................................................................................................. 22
Figures Figure 1: Organization chart ....................................................................................................... 10
Tables Table 1 - Requirements summary of interested parties/legal and regulatory bodies .................... 19
Version 1
Page 7 of 22
[Insert date]