Practical, Cost Effective and award-winning

Business Continuity, Crisis Management & Information Security Solutions


0800 035 1231 (Mon to Fri 9am – 5pm)

Suite 3, The Cotton Mill, Torr Vale Mills, New Mills, Derbyshire, SK22 4HS, UK

What is BCM?

Why is Business Continuity Management Important?

IT problems, power outages, loss of mains water and failure of suppliers attract little media attention but nevertheless they cause significant disruption and financial loss to thousands of businesses each year. Business Continuity Management can protect your organisation by mitigating these known risks as well as preparing for the unexpected. Business Continuity Management can also assist in creating a competitive advantage and providing reassurance to staff, investors and other stakeholders.

What Does Business Continuity Management Involve?

ISO22313: Societal Security – Business Continuity Management Systems – Guidance defines good practice based on the following ‘Elements of Business Continuity’

Business Continuity Management diagram and what it involves

Operational Planning and Control

As with any major project, objectives and timescales need to be identified, resources must be allocated and roles and responsibilities assigned to appropriate individuals.

Business Impact Analysis and Risk Assessment

This element consists of 2 separate, but closely related, activities:

  • The Business Impact Analysis (BIA) identifies the critical activities of the organisation, quantifies the impact of not carrying out these activities and calculates the resources required to recover them in a timely fashion; and
  • Risk Evaluation and Control identifies the risks to the critical activities and applies risk mitigation measures where appropriate.

Determining Business Continuity Strategy

The Business Continuity strategy captures how the organisation can most effectively maintain and/or recover its critical activities in the event of disruption and forms the basis for the development of detailed plans.

Establishing and Implementing Business Continuity Procedures

This element involves implementing any infrastructure changes, defining Incident Response structures and the writing of Incident Management and Business Recovery plans.

Exercising and Testing

Exercises and rehearsals are vital to build confidence in the plan and to identify errors and omissions. A formal audit and review process is also necessary to ensure that plans remain up to date and fit for purpose.  This element also includes ensuring that everyone in the organisation must receive basic BCM awareness training and those with specific responsibilities must have more detailed BCM skills training.

How can Cambridge Risk Solutions Help?

Cambridge Risk Solutions provides a range of services to assist with each stage of the Business Continuity Lifecycle.  Alternatively, if you wish, you can outsource your entire Business Continuity Management function to us.

We are members of the BSI Associate Consultant Programme and LRQA Consultant Network, and all work is conducted in accordance with ISO 22301 and ISO 22313.

View some case studies of recent Business Continuity planning, training and exercising projects.

Further information on all aspects of the Elements of Business Continuity is available in our Downloads section.

Get In Touch

We are always happy to answer any questions you may have, please either contact us by telephone, or by filling in the form below.

Please ensure that you do not divulge any sensitive data as this webpage is not secure.

Your work with us has been phenomenal, thank you so much.

more testimonials

  • Business Continuity Planning

    Effective planning that takes into account risk evaluation and business impact analysis, supported by clear and concise crisis management. We work with you to develop user-friendly plans.

  • Business Impact Analysis

    The Business Impact Analysis (BIA) is one of the most important, and least well understood, stages of the Business Continuity Management Lifecycle; we can assist with your BIA.

  • Training and Exercising

    No Business Continuity Management programme is effective without a significant element of training. Moreover, ongoing Crisis Management training and exercising is key. We can provide objective training and exercising.

  • Risk Evaluation and Control

    Risk evaluation and treatment provide a process to identify, prioritise and managing your risks. Cambridge Risk Solutions can assist with risk management for business operational and information security risks.

  • Statement of Applicability

    Which controls do you need to have in place? How do you link your risk assessment process into your SoA? How do you ensure that you have effective controls in place? We can assist with your SoA.

  • Integrated Management Systems

    Management Systems assist with your on-going management, maintenance and continual improvement. We work with you to develop a fully integrated management system, enabling certification to ISO 22301 and ISO 27001.