BRITISH STANDARDS BS 25777:2008

Posted by admin on Monday, April 20, 2009 · Leave a Comment

Information and communications technology continuity management. Code of practice

Buy British Standards

Do you have a plan for when your computer system crashes?

Can your business continue without information and communication technology (ICT)?

In most organizations, the processes that deliver products and services depend on information and communication technology (ICT).

Disruption to ICT can therefore be a huge risk and can damage your organization’s ability to operate and undermine its reputation. The consequences of a disruptive incident vary and can be far-reaching, and might not be immediately obvious at the time. So how would you cope?

BS 25777 will help your organization plan and implement an ICT continuity strategy.

ICT continuity management supports the overall business continuity management (BCM) process of an organization. BCM ensures that your organization’s processes are protected from disruption and is able to respond positively and effectively when disruption occurs.

ICT continuity management makes sure that ICT and services are resilient and can be recovered within timescales required by and agreed with the top management. Effective BCM depends on ICT continuity management to ensure that your organization can meet its objectives at all times, particularly during times of disruption. To be successful, both BCM and ICT continuity management have to become embedded within the organization’s culture.

BCM and ICT continuity management form an important part of effective management, sound governance and organizational prudence. Top management is responsible for maintaining the ability of the organization to continue to function in the face of disruption. Many organizations also have a statutory or regulatory duty to maintain effective risk-based controls, including BCM.

The benefits of effective ICT continuity are that your organization:

Understands the threats to, and vulnerabilities of, ICT services
Identifies the potential impacts of disruption to ICT services
Encourages improved collaboration between business managers and ICT service providers (internal and external)
Develops and enhances competence in ICT staff by demonstrating credible responses through exercising ICT continuity plans and testing ICT continuity arrangements
Provides assurance to top management that it can depend upon predetermined levels of ICT services and receive adequate support and communications in the event of a disruption
Provides additional confidence in the business continuity strategy through linking investment in ICT solutions
Has ICT services that are cost-effective
Can enhance its reputation for prudence and efficiency
Potentially gains competitive advantage through the demonstrated ability to deliver business continuity and maintain product and service delivery in times of disruption
Understands and documents stakeholders’ expectations and their relationships with, and use of, ICT services.
ICT continuity is fairly cheap and easy to set up as part of ICT strategy. Retrofitting ICT continuity can be complex, disruptive and expensive. The content of an ICT continuity programme will be influenced by the organization’s risk appetite.

BS 25777 gives recommendations for ICT continuity management within the framework of business continuity management provided by BS 25999-1.

Contents of BS 25777 include:
Foreword
Introduction
Scope
Terms and definitions
ICT continuity programme management
Understanding the ICT requirements for business continuity
Determining ICT continuity strategies
Developing and implementing ICT strategies
Exercising and testing
Maintenance, review and improvement
ICT continuity management milestones
Bibliography

BS 25777 is available in two formats, as a hard copy printed version or electronically, as a PDF for download.

Standard Number BS 25777:2008

Title Information and communications technology continuity management. Code of practice

Status Current

Publication Date 31 December 2008

Cross References BS 25999, BS EN ISO 9000:2005, BS ISO/IEC 20000-1, BS ISO/IEC 20000-2, BS ISO/IEC 27001, BS ISO/IEC 27002

Draft Superseded 08/30166965 DC

Descriptors Data processing, Communication technology, Business continuity, Management operations, Management, Risk assessment, Risk analysis, Enterprises, Organizations, Planning, Documents, Personnel, Business facilities, Data transmission, Security

ICS 03.100.01 (Company organization and management in general)
35.020 (Information technology (IT) in general)

Committee BCM/1

ISBN 978 0 580 56239 6

Publisher BSI

Format A4

Delivery YES

Pages 40

File Size 475 KB

Price £ 130.00

Filed under British Standards · Tagged with BS 25777 2008

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

DOWNLOAD PDF OR GET HARDCOPY OFFICIAL BSI EN ISO STANDARDS NOW. CLICK HERE TO CHECK AVAILABILTY

Popular British Standards & Products

Quality Management:
BS EN ISO 9001:2008
BS EN ISO 9000:2005 Fundamentals and vocabulary
BS EN ISO 9004:2000 Guidelines for performance improvements
BS ISO 10001:2007 Customer satisfaction. Guidelines for codes of conduct for organizations
BS ISO 10003:2007 Customer satisfaction. Guidelines for dispute resolution external to organizations

Environment and Sustainability:
ISO 14001 Requirements with guidance for use
ISO 14004 General guidelines on principles, systems and supporting techniques
ISO 14050 Environmental management. Vocabulary
BS 8555:2003 Guide to the phased implementation of an environmental management system including the use of environmental performance evaluation

Occupational Health and Safety Management (OHSAS):
BS OHSAS 18001:2007 Requirements
BS OHSAS 18002:2008 Guidelines for the implementation of OHSAS 18001:2007
BS 18004:2008 Guide to achieving effective occupational health and safety performance
Managing Safety the Systems Way. Implementing BS OHSAS 18001:2007 (book)

Information Technology Security:
ISO 27001 Information security management systems. Requirements
ISO 27000 Information security management system. Overview and vocabulary
ISO 27002 Code of practice for information security management
ISO 27005 BS ISO/IEC 27005:2008Security techniques. Information security risk management
Guidelines on Requirements and Preparations for ISMS Certification based on ISO/IEC 27001 (book)

Business Continuity and Risk Management:
BS 25999-1:2006 Code of practice
BS 25999-2:2007 Specification
The Route Map to Business Continuity Management. Meeting the Requirements of BS 25999 (book)

Information Communications Technology Continuity Management:
BS 25777:2008 Code of practice

Risk Management:
BS 31100:2008 Code of practice
Managing Risk and Resilience in the Supply Chain (book)
PAS 55-1:2008 Asset management. Specification for the optimized management of physical assets.
PAS 55-2:2008 Asset management. Guidelines for the application of PAS 55-1

BRITISH STANDARDS BS 25777:2008

Speak Your Mind

Popular British Standards & Products