BS25999: British Standard for Business Continuity Management

BS25999: British Standard for Business Continuity Management is a tool that organisations can use to minimise the impact of everyday events, such as IT viruses and supply chain disruption, as well as coping with extreme events, such as terrorism. BS25999 comprises two parts:

• BS25999-1: 2006, the Code of Practice provides BCM best practice recommendations; and
• BS25999-2: 2007, the Specification can be used to demonstrate compliance via an auditing process to achieve BS25999 certification.

The publication of Part 1 in late 2006 had an immediate impact with many organisations, both in the UK and abroad, moving quickly to align themselves with the new standard. Since the publication of Part 2 in 2007, over 50 organisations in the UK have already achieved BS25999 certification. These are a mixture of large multinational corporations and less well-known organisations including:

• ATB Computing Services
• BT
• Lyons Seafood
• Matchtech Group
• Northern Group Systems
• O2
• PricewaterhouseCoopers
• Scottish Borders Council
• Sembcorp Utilities (UK) Ltd
• Vodafone

A significant number of overseas businesses have also chosen to adopt the British Standard. One of the main reasons cited for wishing to achieve BS25999 certification is to give reassurance to current and potential customers that the organistion is resilient, thereby creating a competitive advantage.

Helen Molyneux is a BS25999 Technical Expert and Trainee Assessor for NQA and has carried out numerous certification audits. Cambridge Risk Solutions is also a member of the BSI Associate Consultant Programme for BS25999 and can assist with all aspects of preparing for certification including conducting a full BS25999 Gap Analysis.  See further details of how we have assisted on of our clients to achieve BS25999 in our case studies section.