Business Continuity Management & ISO 22301 - Complete Guide
What you'll learn
- Understand what Business Continuity Management is and what it's not
- Understand why effective Business Continuity Management is key to the success of any business
- Learn and differentiate between related organizational resilience concepts - including Emergency Response, Crisis Management, Incident Management and IT Disaster Recovery
- Implement ISO 22301:2019 Business Continuity Management System (BCMS)
- Understand governance of business continuity management
- Perform Business Impact Analysis (BIA) and Business Continuity Risk Management as per ISO 31000
- Develop Business Continuity Strategies and Plans
- Understand what IT Disaster Recovery planning is and how it links with Business Continuity
- Understand the importance of the Human Factor and Training & Awareness
- Perform Business Continuity Exercises
- Be able to Monitor, Maintain and Perform Assurance of the Business Continuity Management System
- No experience required, just a willingness to learn about business continuity
- Familiarity with business continuity concepts is helpful
Welcome to one of the best business continuity management courses you'll find anywhere. This course will enable you not only to develop a highly in-demand skill but also to help organizations survive and become more resilient.
We will start this course by understanding the fundamental organizational resilience and Business Continuity Management (BCM) concepts: what BCM is and what it's not. I’ll clarify the misconceptions and confusions about Business Continuity and explain what benefits it brings to an organization from different perspectives, such as the business, financial, internal processes and stakeholder perspectives. We’ll also look at the global Business Continuity Management standard, i.e. ISO 22301:2019, and its requirements. Once we have understood the key concepts and elements of the BCMS, we will dive deep into each of these main areas of business continuity:
- Introduction and Key Business Resilience Concepts
  - Understand some common myths and misconceptions about Business Continuity
  - Learn key aspects of broader business resilience, i.e. Emergency Response, Crisis Management, Incident Management, Business Continuity Planning and IT Disaster Recovery
  - Understand how these plans and processes link to each other in a very easy-to-understand disruption timeline
- ISO 22301:2019 – Business Continuity Management System
  - Understand what the ISO 22301 standard is
  - Learn what ISO’s PDCA (Plan-Do-Check-Act) lifecycle is
  - Learn about the requirements of the 10 ISO 22301 clauses
  - Understand the key benefits of implementing and maintaining a Business Continuity Management System (BCMS) from different perspectives, such as the business, financial, internal processes and stakeholder perspectives
  - Understand the importance of having clear accountability, ownership and responsibilities
  - Learn why a Business Continuity Policy is required and what it should include
  - Be able to understand the key aspects of a Business Continuity Management Framework
- Risk Management
  - Understand why effective risk management is important for the BCMS
  - Understand the difference between enterprise risk management (such as ISO 31000) and business continuity management
  - Learn what some of the common risk treatment options are that can be applied to business continuity risks
- Business Impact Analysis
  - Study what Business Impact Analysis (BIA) is, why we do this analysis, and how BIA helps you understand your organization better
  - Learn what recovery objectives are, including the key terms Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
  - Learn the 6 steps of performing the Business Impact Analysis
- Business Continuity Planning
  - Understand what Business Continuity Planning is and why it’s important
  - Learn the requirements and strategies of business continuity planning
  - Learn how to develop a Business Continuity Plan (BCP) considering various aspects such as people, communication, facilities, systems and applications, telecommunications, internal and external dependencies, special requirements and related content to be included in the BCPs
- Linkage with IT Disaster Recovery and Related Plans
  - Learn what an IT Disaster Recovery Plan (IT DRP) is and what the components for developing an IT DR Plan are
  - Understand that a BCP is not a standalone document, but rather needs to connect seamlessly with related plans such as Emergency Response, Crisis Management, Incident Management and IT Disaster Recovery
- Human Factor
  - Learn why training and awareness is one of the most crucial aspects for the BCP to be usable and effective
  - Understand the key education and awareness elements within the BCMS
  - Learn how business continuity can be embedded in the organizational culture
- Business Continuity Exercises
  - Study the importance of performing Business Continuity Tests and Exercises
  - Be able to ensure that the plans are able to meet the required objectives (RTO and RPO)
  - Learn several business continuity test and exercise methods and which one is suitable in different scenarios
  - Learn why debriefing sessions are important and how they should be conducted
- Maintenance, Monitoring and Assurance
  - Learn how BCPs and the BCMS should be maintained and kept up to date
  - Understand what the main aspects of performing periodic monitoring and assurance of the BCMS are
Finally, in the conclusion section, we will have a brief recap of what we have learned and discuss the next steps.
I’ve also included quizzes, assignments, articles and downloadable material in this course that will help you practice and get additional guidance throughout your journey.
Remember, I have worked on these approaches for a number of my clients across different continents, so the strategies we are going to learn work in practice, not just on paper!
Who this course is for:
- People interested in learning about business continuity and organizational resilience
- Business continuity managers and professionals
- Business leaders and managers
- Information Technology professionals and managers
- Risk Management professionals
- Business owners
- Aspiring managers
Hassham is a senior manager at a well-known Fortune 100 advisory firm. He has extensive experience in evaluating and implementing cyber security and organizational resilience related risks, identifying deficiencies and potential opportunities for improvement, and developing innovative solutions for improving cyber security, risk management, technology operations, and business continuity capabilities.
Hassham holds MBA and BS (Computer Science) degrees along with some of the industry's best certifications and qualifications, including PMP, ISO 27001 Lead Auditor, ISO 31000 Lead Implementer, COBIT 5 Foundation, SAFe Agilist, ISO 22301 Implementer, CMMI ATM, Microsoft Certified Professional, etc.
He also has strong knowledge and implementation experience of international security, resilience, risk management and governance standards and frameworks, such as ISO 27001, ISO 22301, ISO 31000, NIST, ISO 9001 and COBIT.
His understanding of both business perspectives and technical challenges helps him analyze the issues better and propose more pragmatic recommendations.