Overview

Business Continuity Management (BCM) ensures that companies identify and design critical business processes so that they can overcome emergency situations as soon as possible or even prevent them in advance.

As a management process, BCM tries to achieve identifying major risks that expose a threat to the organization’s survival and set counteractions at any early stage. To ensure their ability to function and survive, companies need to take preventive measures to create more robust, fail-safe business processes and enable fast, targeted reactions in the case of emergency or crisis. BCM provides a planned, organized approach to sustainably increase the robustness of essential or time-critical business processes, respond to damaging events accordingly, and return to business as usual as quickly as possible.

The goal of BCM is to minimize temporary disruptions to important business processes or eliminate them entirely and secure the company’s economic existence in the case of major damaging events. This requires a holistic view of all factors to continue critical business processes, and not simply the resource of information technology, in case of a damaging event. IT service continuity management (ITSCM) is one component of BCM.

GLDNHRN ONEGRC supports all relevant steps along the entire BCM lifecycle:

Business impact analysis 

Identifying business-critical processes

Running damage analyses (categories and scenarios for damage and protection requirements)

Collecting restore parameters (e.g. max. tolerated downtime, max. tolerated data loss, recovery time and level)

Setting priorities and criticality

Collecting resources for normal and emergency operations

Defining criticality and the order for restarting resources

Creating BIA reports

Risk analysis (identification, evaluation, strategies, reporting)

Control analysis (determining current status)

Resilience strategies (including analysis of costs to benefits)

Emergency prevention (actions, controls, guidelines, escalation)

Validation and Verification Test (execution, documentation)

Compliance (maturity level)

Benefits

Flexible modification of customer-specific requirements

Fewer management tasks in the central BCM team

Optimal reporting (efficient, structured views)

Automated, transparent action tracking

Investment security through module extensibility (ISM)

Integration of ITRM in the BCM solution

Optional mapping of SCM requirements

Completely accessible risk management

Transparency on the maturity level of BCM

Simpler information exchange among different stakeholders

Integration of business departments and process owners based on a business impact analysis or tactics

Documentation and tracking of defined and assumed emergencies

Fast implementation (Web application)

Workflow support for complex approval processes

Less reporting work through automation

Features

Compatible with many standards

Mapping of BCM assessment lifecycles and period comparisons (business impact analysis, risk analysis, BCP/DRP and validation verification tests)

Custom rule configurations to enable objective evaluations based on quantitative and qualitative criteria

GLDNHRN BCM process support for editing and tracking actions, test results, emergency cases, etc.

Mapping complex cause-and-effect relationships among organizational units, infrastructures, IT systems, IS services, processes and resources

Individual reports for various stakeholders

Comprehensive evaluation and aggregation capabilities

Support for custom client-side modifications

Simple administration

Solutions

Thanks to the modular configurations of GOLDENHORN eGRC BCM with different submodules and features:

> Business Continuity Knowledge Management System

> Business Continuity Case Management – Business Resilience Request Fulfillments

> Business Continuity Incident Management

> Business Continuity Management – Plan ActivationsBusiness Resilience Assessment Planning Management

> Business Continuity Assessment Management

> Business Impact Analysis – ProcessBusiness Impact Analysis – Product/ServiceBusiness Impact Analysis – Investment Projects

> Business Impact Analysis – Vendors&Suppliers

> Business Impact Analysis – External Service Provider

> Business Continuity Scoring Engine

> Business Continuity Assessment – Risk Assessment for ProcessBusiness Resilience Plans Testing & Rehearsals Management

> Business Continuity Finding Management

> Business Continuity Performance Management

> Business Continuity Analytics and Reporting