Alert is the notification that an incident or disaster situation has occurred. It implies a possible activation of the plan.
Business Impact Assessment (BIA)
Assesses business critical functions, identifies and quantifies the impact that a loss of those functions may have to the organisation.
Business Continuity Management (BCM)
The processes that organizations use to ensure business continuity is maintained across their organization.
Is a collection of risks, this collection can be based on location, type, department or own configuration.
A counter measure for vulnerabilities, to reduce the threat of risks by taking a proactive stance.
An event specific preparation that is executed when an incident occurs to protect an organization from certain and specific identified risks and/or threats.
The system/process by which top management of an organization are required to carry out and discharge their legal, moral and regulatory account abilities and responsibilities.
A category of risk management that looks at ensuring an organization meets its corporate governance responsibilities takes appropriate actions and identifies and manages emerging risks.
A documented process on how to recover and protect a business after an incident or disaster situation.
A BCMfort feature to manage and consolidate supporting files and documentation.
A hazard is a situation that poses a level of threat to the business or environment.
Health Safety, Quality and Environment
Impact Rating (IR)
Is the expected cost of a potential incident, in time, money and resources.
A document explaining how actual controls have been implemented.
Taking steps to reduce adverse effect of a threat.
Maximum Tolerable Downtime
A message sent to predefined response group and what actions should be taken when an alert has been raised.
Probability Rating (PR)
An assessment of the likelihood that an event will occur.
A series of logically related activities or tasks (such as planning, production, or sales) performed together to take a set of inputs and produce a defined set of outputs.
A staff member that is responsible for the recovery and restoration of business operations after a disruption. The recipient of a notification.
A group responsible for the recovery and restoration of business operations after a disruption.
Recovery Time Capable (RTC)
The amount of time it currently takes to restore a process (starting point).
Recovery Time Requirement (RTR)
An external requirement (contractual, legal, statutory or an SLA) of the amount of time to restore a process.
Recovery Point Objective
The maximum amount of data that can be lost. (If one hour then a standby solution is required. If 24 hours, then backups may suffice.)
A designated site for the recovery of business unit, technology, or other operations, which are critical to the enterprise, when an incident occurs.
Recovery Time Objective
The targeted duration of time and service level within which a service must be restored.
An economic or productive factor required to accomplish a process or activity, such as labour, information or expertise.
A predefined alert to notify the risk owner that a procedure is up for revue.
The decision if the risk is in an acceptable state or not. (If not the Risk Owner will need to implement additional control measures.)
The possibility for loss or injury created if a hazard becomes an incident.
A grouping of risks of similar type under key headings.
The method by which firms evaluate potential losses and take action to reduce or eliminate threats.
A collection of example risks to help setup the system.
Used to further categorise risks within risk categories. (aka Keyword)
Two factor authentication (increased security)
an indication of something impending that may cause injury, or damage
Selecting one or more options for treating each unacceptable risk. (Start by concentrating risks that are rated higher during the BIA and look to mitigate these were possible by identifying the relevant hazards and control measures.)
Susceptible to harm, degradation, or destruction on being exposed to a hostile agent or factor.