Business Continuity Management (BCM)

Business Continuity Management

Business Continuity Management (BCM)

Business continuity management is a system that helps the executive management within business entities identify potential internal or external threats, assess the impacts thereof if they occur and develop plans to address such threats in order to ensure the business continuity. Examples of such threats include natural disasters, penetration of the organization’s data center or change in the State’s laws and regulations.

Given the importance of “business continuity management” concept in practice, the British Standards Institutions “BSI” issued the first “business continuity management” standard. In UK, the BSI released BS 25999 in two parts that address the business continuity. The first part is BS 25999-1:2006, which contains the code of practice whole the second part is BS 25999-2:2007, which explains the requirements for implementing, operating and improving a documented business continuity management system.

In May 2015, the International Organization for Standardization published the ISO 22301:2012 Standard entitled “Business Continuity Management System”. The BSI subsequently replaced its standard with ISO 22301:2012 Standard.

Various business entities can qualify their management system in alignment with the requirements of ISO 22301:2012 Standard, pass the audit conducted by the certification bodies and obtain the certification of compliance with the standard.

Furthermore, there are professional certificates for specialists who are willing to document their knowledge in “Business Continuity Management”.

In the State of Kuwait, Law No. 7 of 2010 concerning the Establishment of Capital Markets Authority and Regulation of Securities Activity was promulgated on 21 February 2010 and its Executive Regulations were issued under Resolution No. 72 of 2015 on 9 November 2015, which address the Business Continuity in Module 6 – Policies and Procedures of Licensed Person, which require the licensed persons to implement the same.

The “Business Continuity Management” System is an internal control, which supports the corporate governance system explaining the mandatory implementation thereof.

The “Business Continuity Management” System is implemented by creating an organizational unit or a committee chaired by CEO or an Assistant CEO with heads of departments as members. A permanent job will be assigned to manage the tasks of such unit or committee and periodic meeting framework will be established for it.

Added value to business entities from Business Continuity Management Services

  • Comply with laws, regulations, resolutions and instructions issued by the regulators.
  • Protect the entity against potential threats to maintain the business continuity.

Services provided by Baker Tilly

  1. Consulting services to implement the “Business Continuity Management” System.
  2. Consulting services to implement the “Business Continuity Management” System in accordance with ISO 22301: 2012 Standard.
  3. Training services.

Other related services