Next revision | Previous revision |
articles:business_continuity_planning [2023/02/04 12:09] – created rrandall | articles:business_continuity_planning [2023/02/04 12:13] (current) – [Business Continuity Planning (BCP)] rrandall |
---|
While NFPA 1600 has been //influenced// by ISO for many years, it still remains superior to ISO 22301 in many ways (see below). | While NFPA 1600 has been //influenced// by ISO for many years, it still remains superior to ISO 22301 in many ways (see below). |
| |
Although a government standard, another very good standard is: \\ | While ISO has produced ISO 22301, "//Societal security — Business continuity management systems — Requirements//", once you dig through all of the required Annex L nonsense.. and the obvious incompetence of the authors, there are only a few gems buried in it. Similarly, ANSI/ASIS ORM.1-2017, "//Security And Resilience In Organizations And Their Supply Chains - Requirements With Guidance//" addresses this topic as well (although the ASIS_SPC.1-2009 version was better in some regards). However, it is too similar to ISO 22301 to be of any real value. |
NIST Special Publication 800-34 Rev. 1, "//Contingency Planning Guide for Federal Information Systems//" \\ | |
[[https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf]] | |
| |
While ISO has produced ISO 22301, "//Societal security — Business continuity management systems — Requirements//", once you dig through all of the required Annex L nonsense.. and the laughable incompetence of the authors, there are only a few gems buried in it. Similarly, ANSI/ASIS ORM.1-2017, "//Security And Resilience In Organizations And Their Supply Chains - Requirements With Guidance//" addresses this topic as well (although the ASIS_SPC.1-2009 version was better in some regards). However, it is too similar to ISO 22301 to be of any real value. | |
| |
Ultimately, any company would be FAR better off simply purchasing a copy of [[https://www.amazon.com/dp/1118326830/ref=rdr_ext_tmb|“Business Continuity For Dummies”]] (which is actually quite good) than either of these two standards. | Ultimately, any company would be FAR better off simply purchasing a copy of [[https://www.amazon.com/dp/1118326830/ref=rdr_ext_tmb|“Business Continuity For Dummies”]] (which is actually quite good) than either of these two standards. |
| |
You may note that NFPA 1600, "//Standard on Continuity, Emergency, and Crisis Management//" (2019 Edition), Annex E, integrates the requirements of NFPA 1600 with ISO Annex SL. This was done to promote integration with existing ISO Management System Standards... and is "//intended to be adopted by the entity at its discretion//". Ultimately, this simply aligns common topics such as document control, corrective action, etc. | You may note that NFPA 1600, "//Standard on Continuity, Emergency, and Crisis Management//" (2019 Edition), Annex E, integrates the requirements of NFPA 1600 with ISO Annex SL. This was done to promote integration with existing ISO Management System Standards... and is "//intended to be adopted by the entity at its discretion//". Ultimately, this simply aligns common topics such as document control, corrective action, etc. |
| |
| <WRAP center round info 80%> |
| Although developed for Federal Government use, another very good standard is: \\ |
| NIST Special Publication 800-34 Rev. 1, "//Contingency Planning Guide for Federal Information Systems//" \\ |
| [[https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf]] |
| info box |
| </WRAP> |
| |
| |