BCM – BUSINESS CONTINUITY MANAGEMENT
Overview
Business Continuity Management (BCM) ensures that companies identify and design critical business processes so that they can overcome emergency situations as soon as possible or even prevent them in advance.
As a management process, BCM tries to achieve identifying major risks that expose a threat to the organization’s survival and set counteractions at any early stage. To ensure their ability to function and survive, companies need to take preventive measures to create more robust, fail-safe business processes and enable fast, targeted reactions in the case of emergency or crisis. BCM provides a planned, organized approach to sustainably increase the robustness of essential or time-critical business processes, respond to damaging events accordingly, and return to business as usual as quickly as possible.

The goal of BCM is to minimize temporary disruptions to important business processes or eliminate them entirely and secure the company’s economic existence in the case of major damaging events. This requires a holistic view of all factors to continue critical business processes, and not simply the resource of information technology, in case of a damaging event. IT service continuity management (ITSCM) is one component of BCM.
GLDNHRN ONEGRC supports all relevant steps along the entire BCM lifecycle:
Business impact analysis
Identifying business-critical processes
Running damage analyses (categories and scenarios for damage and protection requirements)
Collecting restore parameters (e.g. max. tolerated downtime, max. tolerated data loss, recovery time and level)
Setting priorities and criticality
Collecting resources for normal and emergency operations
Defining criticality and the order for restarting resources
Creating BIA reports
Risk analysis (identification, evaluation, strategies, reporting)
Control analysis (determining current status)
Resilience strategies (including analysis of costs to benefits)
Emergency prevention (actions, controls, guidelines, escalation)
Validation and Verification Test (execution, documentation)
Compliance (maturity level)
Benefits
Flexible modification of customer-specific requirements
Fewer management tasks in the central BCM team
Optimal reporting (efficient, structured views)
Automated, transparent action tracking
Investment security through module extensibility (ISM)
Integration of ITRM in the BCM solution
Optional mapping of SCM requirements
Completely accessible risk management
Transparency on the maturity level of BCM
Simpler information exchange among different stakeholders
Integration of business departments and process owners based on a business impact analysis or tactics
Documentation and tracking of defined and assumed emergencies
Fast implementation (Web application)
Workflow support for complex approval processes
Less reporting work through automation
Features
Compatible with many standards
Mapping of BCM assessment lifecycles and period comparisons (business impact analysis, risk analysis, BCP/DRP and validation verification tests)
Custom rule configurations to enable objective evaluations based on quantitative and qualitative criteria
GLDNHRN BCM process support for editing and tracking actions, test results, emergency cases, etc.
Mapping complex cause-and-effect relationships among organizational units, infrastructures, IT systems, IS services, processes and resources
Individual reports for various stakeholders
Comprehensive evaluation and aggregation capabilities
Support for custom client-side modifications
Simple administration
Solutions
Thanks to the modular configurations of GOLDENHORN eGRC BCM with different submodules and features:
> Business Continuity Knowledge Management System
> Business Continuity Case Management – Business Resilience Request Fulfillments
> Business Continuity Incident Management
> Business Continuity Management – Plan ActivationsBusiness Resilience Assessment Planning Management
> Business Continuity Assessment Management
> Business Impact Analysis – ProcessBusiness Impact Analysis – Product/ServiceBusiness Impact Analysis – Investment Projects
> Business Impact Analysis – Vendors&Suppliers
> Business Impact Analysis – External Service Provider
> Business Continuity Scoring Engine
> Business Continuity Assessment – Risk Assessment for ProcessBusiness Resilience Plans Testing & Rehearsals Management
> Business Continuity Finding Management
> Business Continuity Performance Management
> Business Continuity Analytics and Reporting