Commentary

Business continuity planning is an essential component in all aspects of business. There can be few purchasing departments who do not have lists of suppliers who can step in should their first choice let them down. There can be few transport departments who do not have a plan to cover vehicle breakdowns or absentee drivers. Why should the office not have similar plans for how it intends to deliver corporate information when the power goes off, or when the computers break down?

Clearly the disaster recovery process will require the IT department to play a major role in replacing lost or damaged systems and infrastructure, but the main thrust must come from the business managers who are the only ones who can decide what parts of their business they need to carry on doing and just how much equipment they need to support their line function to a satisfactory degree.

It has already been stressed that compliance with this standard will have special significance to those organisations with whom an organisation may wish to network. All partners in such trading networks need to share a known level of confidence about the security of information passing around the network. It is equally important that the partners can rely on each other to be there when this information is being passed around. Once electronic trading partners get to 'know' each other it is not uncommon for shared processes to build up over the network, e.g. Organisation 'A' cannot complete its monthly sales return until Organisation 'B' downloads its component of the spreadsheet, etc.

Business continuity planning can be as important to trading partners as it is to customers and to organisational survivability. There is growing evidence of major contracts including business continuity planning as a mandatory requirement.

An Introduction To Information, Network and Internet Security
Commentary Business continuity planning is an essential component in all aspects of business. There can be few purchasing departments who do not have lists of suppliers who can step in should their first choice let them down. There can be few transport departments who do not have a plan to cover vehicle breakdowns or absentee drivers. Why should the office not have similar plans for how it intends to deliver corporate information when the power goes off, or when the computers break down? Clearly the disaster recovery process will require the IT department to play a major role in replacing lost or damaged systems and infrastructure, but the main thrust must come from the business managers who are the only ones who can decide what parts of their business they need to carry on doing and just how much equipment they need to support their line function to a satisfactory degree. It has already been stressed that compliance with this standard will have special significance to those organisations with whom an organisation may wish to network. All partners in such trading networks need to share a known level of confidence about the security of information passing around the network. It is equally important that the partners can rely on each other to be there when this information is being passed around. Once electronic trading partners get to 'know' each other it is not uncommon for shared processes to build up over the network, e.g. Organisation 'A' cannot complete its monthly sales return until Organisation 'B' downloads its component of the spreadsheet, etc. Business continuity planning can be as important to trading partners as it is to customers and to organisational survivability. There is growing evidence of major contracts including business continuity planning as a mandatory requirement.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security