Efnisyfirlit

• Cover
• About the Editor
• Title
• Copyright
• Dedication
• Contributors
• Foreword
• Preface
• Introduction to the 3rd Edition
• How to Use this Book
• Section One: Achieving and Maintaining Business Continuity: an executive overview
• 1: Enterprise Risk Management
• Background
• Events, Risks and Opportunities
• Expanding on Risk Management
• Business Objectives
• Components of the COSO ERM Framework
• Helping Organizations to Reduce their Exposure to Risk
• Benefits of Implementing COSO’s ERM Framework
• Effectiveness
• Risk Categories
• Limitations
• ERM Organization
• COSO Sources
• Other Frameworks and Relevant Standards
• How do Organizations Implement ERM?
• Take-up of ERM
• The Chief Risk Officer
• Relations in Risk Management
• Conclusion
• 2: Developing a BCM Strategy in Line with Business Strategy
• Introduction
• The Balanced Scorecard
• Understanding the Organization and its Environment
• Conclusion
• 3: The Importance of Business Strategy in Business Continuity Planning
• What is Business Continuity?
• The Historic Context for Business Continuity Planning
• Business Continuity Planning within a Business Strategic Context
• Conclusion
• 4: Multilateral Continuity Planning
• The Case for Multilateral Continuity Planning
• MCP Approach
• Project Success Factors
• Benefits of Multilateral Continuity Planning
• Conclusion
• 5: Marketing Protection: a Justification for Funding of Total Asset Protection Programmes?
• Total Asset Protection: The Concepts
• Marketing Protection
• Brand Value
• Advertising Campaigns and the Return on Them
• Impact of Disaster
• Delivery versus Expectation
• Third Party Impact
• Conclusions
• 6: Operational Risk Management
• 6-1 Operational Risk Management: a Primer
• 6-2 Operational Risk Management: Risk and Consequences
• 7: Crisis Management, Emergency Management, BCM, DR: What’s the Difference and How do They Fit Together?
• Overview
• Starting from the Top
• Common Terms in BCM Practice
• Inter-relationships Between Terms
• 8: Business Continuity and Ethics
• Business Continuity Ethics
• A Moral Justification of Business Continuity
• The Duty to Business Continuity
• Codes of Ethics
• Duties to Employees
• Social Engineering as Penetration Testing
• Shareholders and the Community
• Duties to the Profession
• Section Two: Planning for Business Continuity: a ‘how-to’ guide
• 9: Business Continuity Management Methodology
• Introduction
• What is Business Continuity Management?
• A Structured Management System
• The Business Continuity Management Lifecycle
• Coordination and Management of the Process
• A Practical Approach
• Summary
• 10: Project Initiation and Control
• Project Initiation
• Project Costs – Start-up and Ongoing
• Projected Rebuild Costs
• Projected Potential Savings
• Project Management
• Continuing Visible Support
• 11: Risk Evaluation and Control: Practical Guidelines for Risk Assessment
• Introduction
• Operational Risk and BCM
• Objective of Risk Evaluation and Control
• Threats and Vulnerabilities
• Assessing the Risk
• Why Undertake Risk Analysis?
• Risk Evaluation
• Is Risk Control Worth Doing?
• An Alternative Approach to Assessing Threats within a BCM Programme
• To Finish … Some Ideas to Make it Work
• 12: Business Impact Assessment
• 12-1 Business Impact Analysis
• 12-2 Business Impact Analysis: Building a Better Mousetrap
• 13: BC Strategies for Information and Communications Technology
• 13-1 Strategies for Continuity and Availability for Information and Communications Technology (ICT)
• 13-2 Business Continuity for Telecommunications
• 13-3 Planning to Recover Your Data: More Options
• 13-4 Business Continuity Strategies for the Business or Work Areas
• 14: Strategies for Different Market Sectors
• 14-1 Business Continuity Strategies for the Financial Sector
• 14-2 Business Continuity Strategies for Manufacturing and Logistics
• 14-3 Business Continuity and the Supply Chain
• 14-4 Case Study: Implementing Business Continuity in the Upstream and Midstream Energy Sector (Petrochemicals and Refineries)
• 14-5 From an Island to a Continent: Business Continuity in a Telecommunication Company
• 14-6 BC Strategies in the Retail Sector
• 14-7 Strategies for Funding Recovery
• 15: Developing and Implementing the Written Plan
• Developing the Plan: Scoping
• How the Plan Builds Up
• The Plan
• The End – or The Beginning?
• 16: Awareness and Training
• Introduction
• Awareness: Benefits of Business Continuity Planning
• Establish BC Policy
• Establishing Objectives and Components of the Programme
• Functional Awareness and Training Requirements for ‘The Players’
• Developing the Training Methodology
• Acquiring or Developing Training Aids
• Identifying External Training Opportunities
• Corporate Awareness
• Awareness through Maintenance, Review, Audit and Exercising
• Summary
• 17: BC Plan Testing
• 17-1 BC Plan Testing
• 17-2 Testing vs. Exercising: What’s the Difference?
• 18: BCM Audit
• Introduction
• Audit Objective
• Determining the Maturity Level of the Organization
• Individual Audit Approach
• Defining the Audit Programme
• Audit Planning
• Audit Deployment
• BCM Audit Areas
• Annex 18.1 Overview of BCM Audit Requirements for Selected Countries
• Appendix 1: Case Studies
• AN INTRODUCTION TO THE CASE STUDY SECTION
• A1 A STORM, EARTHQUAKE, EXPLOSION: A GENERAL OVERVIEW
• A1 B LIVING NIGHTMARES
• A1 C WORLD TRADE CENTER EXPLOSION – FEBRUARY 26, 1993
• A1 D HURRICANE ANDREW, MIAMI – AUGUST 24, 1992
• A1 E CHICAGO FLOODS – APRIL 13, 1992
• A1 F THIRTY SECONDS OF TERROR! THE CALIFORNIA EARTHQUAKE
• A1 G AFTER THE FIRE: FIRST INTERSTATE BANK, LOS ANGELES
• A1 H ONE MERIDIAN PLAZA, PHILADELPHIA
• A1 I THE MERCANTILE FIRE
• A1 J HOW FLOODS CAN RUIN YOUR DAY: LONDON COLLEGE OF PRINTING
• A1 K FLOOD HIGHLIGHTS
• A1 L A CAUTIONARY TALE
• A1 M IT HAPPENED TO THEM
• A1 N FIRE HIGHLIGHTS
• A1 O WESSEX REGIONAL HEALTH AUTHORITY
• A1 P THE BISHOPSGATE BOMB – APRIL 25, 1993
• A1 Q CITY BOMB BLAST, ST MARY AXE – APRIL 10, 1992
• A1 R EXPLOSION ROUNDUP
• A1 S STOP THIEF!
• A1 T MISCELLANEOUS HIGHLIGHTS
• A1 U LESSONS IN RISK MANAGEMENT FROM THE AUCKLAND POWER CRISIS
• A1 V FOOT AND MOUTH: A PREVENTABLE DISASTER
• A1 W THE MADRID RAIL BOMBINGS – MARCH 11, 2004
• A1 X ISTANBUL BOMBINGS – NOVEMBER 2003
• A1 Y LONDON BOMBINGS – JULY 7, 2005 (7/7)
• A1 Z BUNCEFIELD (UK) OIL TERMINAL DISASTER – DECEMBER 11, 2005
• A1 AA INTELLECTUAL PROPERTY THEFT AND BUSINESS CONTINUITY
• A1 AB EUROCLEAR BANK USES BCM FRAMEWORK TO MANAGE THE IMPACT OF THE COLLAPSE OF LEHMAN BROTHERS
• A1 AC THE TOYOTA RECALLS, 2009–2010
• A1 AD THE ICELANDIC VOLCANIC ASH PLUME – APRIL 2010
• A1 AE THE 2010 BP OIL SPILL – GULF OF MEXICO
• Appendix 2: Guidance Notes
• A2 A PANDEMIC PLANNING
• A2 B SELECTING THE TOOLS TO SUPPORT THE PROCESS
• A2 C THE ROLE OF INSURANCE
• A2 D FIVE NINES: CHASING THE CHIMERA?
• A2 E CONSULTANCY WITHOUT TEARS
• A2 F COPING WITH PEOPLE IN RECOVERY
• A2 G BENCHMARKING AND BUSINESS CONTINUITY: EXPLORING AND USING BENCHMARKING TO ASSESS AND DEVELOP YOUR BUSINESS CONTINUITY MANAGEMENT PROGRAMME
• A2 H CHANGING ATTITUDES TO BUSINESS CONTINUITY IN PRIVATE AND PUBLIC SECTORS
• Appendix 3: Professional Associations, Certification Standards and Resources for BCM Practitioners
• Professional Associations
• Emergency Preparedness, Business Continuity and Disaster Recovery Information Exchange Associations
• Resources
• Organizations
• Appendix 4: International Perspectives
• A4 A INTERNATIONAL STANDARDS AND LEGISLATION IN BUSINESS CONTINUITY
• A4 B BUSINESS CONTINUITY MANAGEMENT: INTERNATIONAL PERSPECTIVES IN 2010
• A4 C BUSINESS CONTINUITY PLANNING IN THE MIDDLE EAST AND THE INDIAN SUBCONTINENT
• A4 D BUSINESS CONTINUITY MANAGEMENT IN AFRICA
• A4 E BUSINESS CONTINUITY IN CHINA
• Glossary of General Business Continuity Terms
• Index
• End User License Agreement