Business Continuity from Preparedness to Recovery

Business Continuity from Preparedness to Recovery: A Standards-Based Approach details the process for building organizational resiliency and managing Emergency and Business Continuity programs. With over 30 years of experience developing plans that have been tested by fire, floods, and earthquakes, Tucker shows readers how to avoid common traps and ensure a successful program, utilizing, detailed Business Impact Analysis (BIA) questions, continuity strategies and planning considerations for specific business functions.

One of the few publications to describe the entire process of business continuity planning from emergency plan to recovery, Business Continuity from Preparedness to Recovery addresses the impact of the new ASIS, NFPA, and ISO standards. Introducing the important elements of business functions and showing how their operations are maintained throughout a crisis situation, it thoroughly describes the process of developing a mitigation, prevention, response, and continuity Management System according to the standards. Business Continuity from Preparedness to Recovery fully integrates Information Technology with other aspects of recovery and explores risk identification and assessment, project management, system analysis, and the functional reliance of most businesses and organizations in a business continuity and emergency management context.

• Offers a holistic approach focusing on the development and management of Emergency and Business Continuity Management Systems according to the new standards
• Helps ensure success by describing pitfalls to avoid and preventive measures to take
• Addresses program development under the standards recently developed by ISO, ASIS and NFPA
• Provides both foundational principles and specific practices derived from the author’s long experience in this field
• Explains the requirements of the Business Continuity Standards

Business owners, executives, and managers in any size organization; practitioners in emergency management; students in business operations or emergency management

• Preface
• Acknowledgments
• Digital Assets
• Introduction
• Chapter 1. Business Continuity—A Definition and a Brief History
  • 1.1. Introduction
  • 1.2. History
  • 1.3. Many Definitions
  • 1.4. Review
• Chapter 2. Understanding the Standards
  • 2.1. Introduction
  • 2.2. Process Approach
  • 2.3. Plan, Do, Check, Act
  • 2.4. Organization of Standards
  • 2.5. Review
• Chapter 3. Building a Business Continuity Capability
  • 3.1. Introduction
  • 3.2. Leadership
  • 3.3. Business Continuity Manager
  • 3.4. Scope of the BCMS
  • 3.5. Policy
  • 3.6. Business Continuity Objectives and Project Planning
  • 3.7. Competence and Awareness
  • 3.8. Document Control
  • 3.9. Steering Committee
  • 3.10. Review
• Chapter 4. Emergency Management—Preparedness and Response
  • 4.1. Introduction
  • 4.2. Preparedness
  • 4.3. Response
  • 4.4. Review
• Chapter 5. Business Impact Analysis
  • 5.1. Introduction
  • 5.2. Business Impact Analysis Process
  • 5.3. Reanalysis
  • 5.4. Confidentiality
  • 5.5. Review
• Chapter 6. Risk Assessment
  • 6.1. Introduction
  • 6.2. Understanding Risk
  • 6.3. Risk Assessment
  • 6.4. Risk Treatment
  • 6.5. Risk Assessment Report
  • 6.6. Review
• Chapter 7. Mitigation and Business Continuity Strategy
  • 7.1. Introduction
  • 7.2. Mitigation
  • 7.3. Business Continuity Strategy
  • 7.4. Review
• Chapter 8. Business Continuity Plans and Procedures
  • 8.1. Introduction
  • 8.2. Fundamental Attributes of the Plan
  • 8.3. Plan Organization and Structure
  • 8.4. Team Plans
  • 8.5. Putting the Plan Together
  • 8.6. Review
• Chapter 9. Orientation, Exercising, and Testing
  • 9.1. Introduction
  • 9.2. Types of Exercises
  • 9.3. Scheduling Exercises
  • 9.4. Orientation
  • 9.5. Exercise Program
  • 9.6. Exercise Design
  • 9.7. Review
• Chapter 10. Continuous Improvement
  • 10.1. Introduction
  • 10.2. Program Maintenance
  • 10.3. Performance Evaluation and Metrics
  • 10.4. Evaluations and Internal Audit
  • 10.5. Management Review
  • 10.6. Nonconformity and Corrective Action
  • 10.7. Review
• Appendix A. Sample Competencies Suggested for Business Continuity Manager
• Appendix B. Required Documents under ISO 22301
• Appendix C. Emergency Plan Table of Contents
• Appendix D. Sample Business Impact Analysis Questions
• Appendix E. Sample Continuity Team Resource Tool Kit
• Appendix F. Websites That Contain Hazard Information
• Appendix G. Examples of Natural, Technological, and Man-made Hazards
• Appendix H. Excerpt from Risk Assessment Report—Hazards
• Appendix I. Full Scale Exercise Example
• Index