4 Context                               pdca p

 

4.1 Context of the company

External and internal issues that can influence the BCMS

Requirement 1 (see also the quiz)

 4.1

The two most important things in a company do not appear in its balance sheet: its reputation and its people. Henry Ford

To successfully implement a business continuity management system, we must understand and evaluate everything that can influence the reason for being and business performance. You should think carefully about a few key activities:

The SWOT and PESTEL analyses can be useful for relevant analysis of business context (cf. annex 07). record

A list of external and internal issues is carried out by a multidisciplinary team. Each issue is identified by its level of influence and control. Priority is given to issues with great influence and poor control.

smileyMinute of relaxation. Game: Context of the company

Good practices
Bad practices

Top of the page

 

4.2 Stakeholders

Understand the requirements of stakeholders

Requirements 2 to 6

4.2 

There is only one valid definition of a business purpose: to create a customer. Peter Drucker

To understand the needs and expectations of stakeholders, we must begin by determining those who may be affected by the business continuity management system such as:

Every stakeholder is determind by its level of influence and control. Priority is given to stakeholders with great influence and poor control. A List of stakeholders is created by a multidisciplinary team, cf. annex 08. record

True story 

The customer is king but we still can fight against rudeness. This example is from the restaurant La petite Syrah in Nice and its coffee prices:

“A coffee”...................................7 €
“A coffee, please”...............4,25 €
“Hello, a coffee, please”....1,40 €

Anticipating the reasonable and relevant needs and expectations of stakeholders involves:

The Identify legal requirements processactivities which transform inputs into outputs (see also ISO 9000, 3.4.1) of business continuity allows you to take into account the mandatory requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) and comply with them. process

Requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) may concern:

When an applicable requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) is accepted, it becomes an internal requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of the BCMS.

Good practices
Bad practices

Top of the page

 

4.3 Scope

Define the scope of the BCMS

Requirements 7 to 15 

4.3

In many areas, the winner is the one who is best informed. André Muller

The scope (or in other words the perimeter) of this module applies to the business continuity management system (or in other words to crisis risk management) in the company and concerns:

The Scope of the BCMS is available to stakeholders, cf. annex 09. record

When a requirementexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) cannot be applied, a justification is included in the document.

The scope of the BCMS of a company is established taking into account:

question Questions that require answers:

This module does not specifically include accounting risks and extreme risks related to:

Example of a scope 

For a circus, the risks likely to cause problems during a performance include a power outage, a storm, the absence of several actors or technicians (illness or social conflict) or major transport problems for the public.

After identifying, analyzing and evaluating the risks that could disrupt the performance, top management must decide what actions to take to reduce the chances of cancellation.

Business continuity concerns many areas and risks:

To properly determine the scope of the BCMS, the specificities of the company context are taken into account, such as:

Good practices
Bad practices

Top of the page

 

4.4 BCMS

BCMS requirements, processes and interactions

Requirement 16

4.4

Prevention is better than cure

The requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of the ISO 22301 standard concern:

For that:

point Pitfalls to avoid:   

The requirementsexplicit or implicit need or expectation (see also ISO 9000, 3.1.2) of the ISO 22301 standard are shown in figure 4-1:

requirements

Figure 4-1. The requirements of ISO 22301

An effective BCMS is mainly oriented towards:

Do not hesitate to look for answers in ISO 22313 (“Guidance on the Use of ISO 22301”) when you cannot find them in this module, cf. paragraph 2.2.

Good practices
Bad practices

Top of the page