| Last revisionBoth sides next revision |
| articles:business_continuity_planning [2023/02/04 12:09] – created rrandall | articles:business_continuity_planning [2023/02/04 12:12] – [Business Continuity Planning (BCP)] rrandall |
|---|
| |
| While NFPA 1600 has been //influenced// by ISO for many years, it still remains superior to ISO 22301 in many ways (see below). | While NFPA 1600 has been //influenced// by ISO for many years, it still remains superior to ISO 22301 in many ways (see below). |
| |
| Although a government standard, another very good standard is: \\ | |
| NIST Special Publication 800-34 Rev. 1, "//Contingency Planning Guide for Federal Information Systems//" \\ | |
| [[https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf]] | |
| |
| While ISO has produced ISO 22301, "//Societal security — Business continuity management systems — Requirements//", once you dig through all of the required Annex L nonsense.. and the laughable incompetence of the authors, there are only a few gems buried in it. Similarly, ANSI/ASIS ORM.1-2017, "//Security And Resilience In Organizations And Their Supply Chains - Requirements With Guidance//" addresses this topic as well (although the ASIS_SPC.1-2009 version was better in some regards). However, it is too similar to ISO 22301 to be of any real value. | While ISO has produced ISO 22301, "//Societal security — Business continuity management systems — Requirements//", once you dig through all of the required Annex L nonsense.. and the laughable incompetence of the authors, there are only a few gems buried in it. Similarly, ANSI/ASIS ORM.1-2017, "//Security And Resilience In Organizations And Their Supply Chains - Requirements With Guidance//" addresses this topic as well (although the ASIS_SPC.1-2009 version was better in some regards). However, it is too similar to ISO 22301 to be of any real value. |
| |
| You may note that NFPA 1600, "//Standard on Continuity, Emergency, and Crisis Management//" (2019 Edition), Annex E, integrates the requirements of NFPA 1600 with ISO Annex SL. This was done to promote integration with existing ISO Management System Standards... and is "//intended to be adopted by the entity at its discretion//". Ultimately, this simply aligns common topics such as document control, corrective action, etc. | You may note that NFPA 1600, "//Standard on Continuity, Emergency, and Crisis Management//" (2019 Edition), Annex E, integrates the requirements of NFPA 1600 with ISO Annex SL. This was done to promote integration with existing ISO Management System Standards... and is "//intended to be adopted by the entity at its discretion//". Ultimately, this simply aligns common topics such as document control, corrective action, etc. |
| | |
| | <WRAP center round info 80%> |
| | Although developed for Federal Government use, another very good standard is: \\ |
| | NIST Special Publication 800-34 Rev. 1, "//Contingency Planning Guide for Federal Information Systems//" \\ |
| | [[https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf]] |
| | info box |
| | </WRAP> |
| |
| |
