PD 25888:2011 - Business Continuity Management: Guidance on organization recovery following disruptive incidents

The nature, complexity and scale of recovery management cannot be determined in advance of an incident; therefore, recovery management has to be flexible, scalable and relevant to a broad range of risks applicable to the organization and its operating environment.

Some incidents are dramatic and as a result can change the very fabric of “normality” for an organization so lessons have to be learned from the response to any incident and the recovery management arrangements reviewed.

For this reason, recovery management might need to operate under new operating norms beyond recovering to pre-recovery conditions. Recovery management has to balance predetermined recovery requirements against emerging or changing expectations.

Recover, restore or reconfigure

PD 25888 Guidance on organization recovery following disruptive incidents offers a definitive step-by-step guide on how best to develop and implement your organization's recovery in response to a disruptive incident.

Designed to complement the provisions of BS 25999, this document presents the ability to recover, restore or reconfigure taking into consideration the financial, legal, regulatory, environmental, reputational and emotional consequences that could result from an incident and the consequences that follow.

Successful implementation of organization recovery is mutually dependent upon effective implementation of incident management and business continuity plans.

Prepare yourself against the worst

This published document is applicable to recovery management before, during and after an incident that disrupts an organization’s ability to deliver its products and services.

It is intended to be applicable to all organizations (or parts thereof), regardless of type, size and nature of business. The extent of application depends on the organization’s operating environment and complexity.

PD 25888 Guidance on organization recovery following disruptive incidents will enable your organization to:

Explore the relationship between recover, incident and business continuity management
Gain simple yet comprehensive explanation of business continuity fundamentals
Identify the relevant knowledge, skills and authority to develop recovery arrangements
Ensure decisions do not compromise medium to long-term recovery
Discover how to efficiently track the progress of every moving part of your recovery process in real time

Contents

Foreword
Introduction
1) Scope
2) Terms and definitions
3) The relationship between recovery management, incident management
and business continuity management
4) Establishing an organization recovery management capability
5) Organization recovery planning
6) Actions on implementation
7) Return to normal operations
Annexes
Annex A (informative) Possible causes of restrictions to access to premises
Annex B (informative) Insurance
Bibliography
List of figures
Figure 1 – The incident timeline
Figure 2 – Example of recovery management team structure
List of tables
Table A.1 – Access issues arising from type of building

PD 25888:2011

Business continuity management. Guidance on organization recovery following disruptive incidents

Current

Published:

31 Dec 2011