Business Continuity Management

3. Business Continuity Management: Risk Analysis

What is the likelihood of a disaster or other serious disruption occurring? A risk assessment (stage 2 of the business continuity management process) enables an organisation to gauge the level of threat and the extent to which it is vulnerable. These are key factors in determining business continuity management requirements. Activities covered by an assessment should include:

  • Identification of risks. For example, damage or denial of access to premises
  • Appraisal of the impact of a loss of utilities e.g. electricity, water or gas
  • Appraisal of the failure of business partners or service providers
  • Appraisal of the impact of single points of failure within the IT infrastructure. For example, reliance on a single gateway for external communication or the unavailability of key staff

A risk assessment should detail threat and vulnerability levels where:

  • Threat is defined as “how likely is it that a business disruption will occur?”
  • Vulnerability is defined as “whether, and to what extent, the organisation will be affected if a threat materialises”
© Crown Copyright. URN 05/625; 01/05
1 2 3 4 5 6 7 8 9 10 11 12 13 14

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>