This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
4. - Risk management terms for CIOs: Read more in this section
Explore other sections in this guide:
- 1. - Enterprise risk management is not to be overlooked
- 2. - Risk advice from Baroness Pauline Neville-Jones
- 3. - Innovative enterprise risk management strategy for new technologies
Business continuity management (BCM) is a framework for identifying an organization's risk of exposure to internal and external threats.
The goal of BCM is to provide the organization with the ability to effectively respond to threats such as natural disasters or data breaches and protect the business interests of the organization. BCM includes disaster recovery, business recovery, crisis management, incident management, emergency management and contingency planning.
According to ISO 22301, a business continuity management system emphasizes the importance of:
- Understanding continuity and preparedness needs, as well as the necessity for establishing business continuity management policy and objectives.
- Implementing and operating controls and measures for managing an organization’s overall continuity risks.
- Monitoring and reviewing the performance and effectiveness of the business continuity management system.
- Continual improvement based on objective measurements.