BS25999: British Standard for Business Continuity Management

BS25999: British Standard for Business Continuity Management is a tool that organisations can use to minimise the impact of everyday events, such as IT viruses and supply chain disruption, as well as coping with extreme events, such as terrorism. BS25999 comprises two parts:

• BS25999-1: 2006, the Code of Practice provides BCM best practice recommendations; and
• BS25999-2: 2007, the Specification can be used to demonstrate compliance via an auditing and certification process.

The publication of Part 1 in late 2006 had an immediate impact with many organisations, both in the UK and abroad, moving quickly to align themselves with the new standard. Since the publication of Part 2 in 2007, over 50 organisations in the UK have already achieved certification against BS25999. These are a mixture of large multinational corporations and less well-known organisations including:

• ATB Computing Services
• BT
• Lyons Seafood
• Matchtech Group
• Northern Group Systems
• O2
• PricewaterhouseCoopers
• Scottish Borders Council
• Sembcorp Utilities (UK) Ltd
• Vodafone

A significant number of overseas businesses have also chosen to adopt the British Standard.  One of the main reasons cited for wishing to achieve certification to BS25999 is to give reassurance to current and potential customers that the organistion is resilient, thereby creating a competitive advantage.

Helen Molyneux is a Technical Expert and Trainee Assessor for BSI Management Systems, qualified to carry out BS25999 audits.  Cambridge Risk Solutions is also a member of the BSI Associate Consultant Programme for BS25999 and can assist with all aspects of preparing for certification.