Auditing Business Continuity: Global Best Practices
- 4h 57m
- Rolf von Roessing
- Rothstein Associates
- 2002
Around 85% of Business Continuity Plans fail when tested. Put simply, these plans show fundamental flaws that would have prevented recovery from taking place within the required timescale.
Over 50% of Business Continuity Plans are never tested. This means that those flaws have not been exposed and the plans will almost certainly fail to deliver timely recovery.
These stark figures demonstrate just how misplaced are the hopes of many managers when they rely on such fragile plans. No matter what forethought is given to business continuity management, the actual experience of a disaster bears little relation to the pre-considered events and to plans developed in the relative calm of normal circumstances.
Too often business continuity arrangements are based on specific disaster scenarios and would not withstand scenarios that had not been considered. But disasters are not disciplined. Chaos follows no roadmap. The unthinkable does happen!
This work of Rolf von Roessing is grounded in sound experience and begins to fill the Business Continuity Management plan/capability gap. It sets out the BCM audit process in a structured and user-friendly way that should be basic reading for all BCM professionals and BCM auditors.
This book not only provides a general outline of how to conduct different types of audits but also reinforces their application by providing practical examples and advice to illustrate the step-by-step methodology, including contracts, reports, and techniques. The practical application of the methodology enables the professional auditor and BCM practitioner to identify and illustrate the use of good BCM practice whilst demonstrating added value and business resilience.
About the Author
Rolf von Roessing has extensive experience in business continuity management, information security and traditional security. Over the last years, he has worked with Ernst & Young in several European and global offices, including specialist assignments such as Y2K subject matter expert and active participation in several global core teams for business continuity. His current position includes BCM and security-related responsibilities, and he heads these service lines for Austria and several other countries.
Rolf is a board member of the Business Continuity Institute (BCI) and holds an MBCI certification. He is an active participant of the Institute’s education committee, working towards integration of BCM best practices and tertiary education programs. These developments include the consolidation and publication of BCM knowledge, academic and research work.
Rolf holds postgraduate degrees in Britain, France, and Germany, as well as the CISA (Certified Information Systems Auditor) and CISSP (Certified Information Systems Security Professional) professional certifications.
Auditing Business Continuity: Global Best Practices is his first major book, following a solid background of academic publications and professional papers.
In this Book
-
Audit Framework, Scope and Planning
-
Conducting the Audit
-
Analysis
-
Reporting Guidelines
-
Project Initiation and Management
-
Risk Management and Evaluation
-
Business Impact Analysis Activities
-
Emergency Response and Operations
-
BCM Strategy
-
Detailed Business Continuity Planning
-
Training and Awareness
-
Maintenance and Exercise
-
Public Relations and Communications
-
Coordination with Public Authorities
-
Country-Specific Issues
-
Software-Based Planning
-
Bibliography
