Dyson College of Arts and Sciences
Issue link: http://dysoncollege.uberflip.com/i/128987
are mandatory. Such circumstances include any changes in the business system configuration when new business functions, new business processes, or new business services are added, or when old business components are dropped or reconfigured, or when there are changes in the infrastructure, including new telecommunication networks or buildings, changes in locations, and so on. Most often, the following steps are included in any maintenance phase of the business continuity plan project: 1) Periodic training of relevant staff; 2) Periodic exercising of the business continuity plan; 3) Periodic review of the business continuity plan; and 3) Periodic audit of the business continuity plan. Finally, in the business continuity plan project, there is always the business continuity execution phase. While one certainly hopes that this phase will never happen in real life, however, no organization is immune from it. The business continuity plan should define all conditions, in great detail, that specify the type of business disruption and the part of the business continuity plan that applies. The business continuity plan will guide the business continuity team in starting the business resumption process. Most often, this business resumption process goes through the steps of analyzing the business disruption incident, isolating the incident, assessing the current business situation, protecting facilities, withdrawing to safer locations, relocating, and resuming business operations. Conclusion This paper adopted several business continuity guides and national standards that have not been officially internationalized. While the final version of the ISO standard for business continuity remains still unconfirmed, we propose an informal framework for managing business activities based on previous local standards like PAS 56 and BS 25999. This framework does not adopt the specification requirements proposed in Part II of the ISO 25999 but embraces some of the definitional delineations followed in those guides. This framework is very useful for organizations to plan their resilience capabilities that can be translated into an effective business continuity plan. This plan can in turn be easily validated to conform to the new ISO 22301 as soon as it becomes official. References Andrews, K. (1980). The Concept of Corporate Strategy. Dow-Jones Irwin. ASIS International. (2012). ASIS Standards and Guidelines Download Form. https://www.asisonline.org/documents/downloadSG.xml?document=guidelines/ guidelinesbc.pdf&version=bc_gdl (accessed March 15, 2012) AT&T. (2007). AT&T Newsroom. AT&T: http://www.att.com/gen/press-room?pid= 4800&cdvn=news&newsarticleid=23862 Business Continuity Institute. (n.d.). BCI Glossary. BCI Website. http://thebci.org/Glossary.pdf Business (accessed March 15, 2011) Continuity Institute. (2010, October 1). British Standards Group News Room. from British Standards Group: http://www.bsigroup.com/en/about-bsi/News-Room/ BSI-News-Content/Disciplines/Business-Continuity/BSI-expands-on-BS-25999-theBusiness-Continuity-Management-standard-with-a-second-additional-guidancePublished-Document-PD/igroup.com (accessed March 15, 2012) 65