BCM framework and policy
Currently, I am drafting BCM framework for my small organization which is on SAAS platform. We have multiple sites as well with in XYZ and XYZ as well.
May you please give me some inputs/ guidance, how to draft the framework and policy and what points to consider keeping in mind SAAS.
Assign topic to the user
For a BCM framework, I can suggest you ISO 22301, the leading ISO standard for business continuity management. To see how the documents to implement this framework looks like, I suggest you to take a look at the free demo of our ISO 22301 Documentation Toolkit at this link: https://advisera.com/27001academy/iso22301-documentation-toolkit/
This toolkit covers all the mandatory, and most commonly used, documents you need to implement and certificate a BCMS against ISO 22301. Also included in the toolkit you can find a template for a Business Continuity Policy (you can take a look at the free demo of this specific document at this link: https://advisera.com/27001academy/documentation/business-continuity-policy/).
ISO 22301 is a generic approach that can be used by business of any size and industry, including those that makes use of SaaS platforms. Included in each template you will find comments that will help you to include the information about your SaaS platform whenever necessary.
These articles will provide you further explanation about ISO 22301 and BC policy and scope (although these articles are about ISO 27001, the same concept applies to ISO 22301):
- What is ISO 22301 https://advisera.com/27001academy/what-is-iso-22301/
- 17 steps for implementing ISO 22301 https://advisera.com/27001academy/knowledgebase/17-steps-for-implementing-iso-22301/22301/iso-22301/
- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
- Defining the ISMS scope if the servers are in the cloud https://advisera.com/27001academy/blog/2017/05/22/defining-the-isms-scope-if-the-servers-are-in-the-cloud/
Comment as guest or Sign in
Feb 20, 2020