Assessing the BCP Security Risk

Business Continuity Planning (BCP) is essential for the continuation of key business services, in the event of an unexpected occurrence which seriously disrupts the business process.

BCP - Risk Assessment analyses the nature of such unexpected occurrences, their potential impact, and the likelihood of these occurrences becoming serious incidents.

To view the related Policy click      

  • Even where a formal BCP project has been initiated, if the allocated financial and human resources are insufficient, the resultant plan is unlikely to succeed.

  • Endeavour to relate the results from the Information Security Risk Assessment to known incidents (where the threats became reality) and to their impact upon the organisation concerned.
  • Ensure it is understood that an under-resourced BCP will almost certainly fail to reach its objective.
  • Underestimating the short and medium term impact of a Security Incident can result in an inappropriate level of response towards building a suitable BCP.

  • Do not regard BCP as merely an 'exercise' or a 'waste of resources'. Give it the priority it deserves.
  • Establish the BCP as a formal project with a Project Manager directly responsible.
  • Recognise and evaluate the threats, risks and impacts of a disruption to the business, consider an Information Security Risk Assessment.

Previous PageTop of this pageNext Page

Information Security Policies from US$595


Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word


Next PageUpPrevious Page