Guest user Created: Mar 01, 2022 Last commented: Mar 01, 2022

Question about ISO22301 template

1 - I am looking for an example of a process dependency matrix. 2 - I am also buys with a very big clients BCP. They have quite a few emergency and evacuation and other plans (SHE, Fire) being a power station. How does one integrate these into the BCP and how do I link this to the Incident management process?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Mar 01, 2022

1 - I am looking for an example of a process dependency matrix.

Considering ISO 22301, I suggest you take a look at our Business Impact Analysis Questionnaire template at this link: https://advisera.com/27001academy/documentation/business-impact-analysis-questionnaire/

The purpose of this document is to gather all required information for the development of the business continuity strategy, including the relationship between business processes.

For further information, see:

How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/

2 - I am also buys with a very big clients BCP. They have quite a few emergency and evacuation and other plans (SHE, Fire) being a power station. How does one integrate these into the BCP and how do I link this to the Incident management process?

Please note that the Business Continuity Plan (BCP) can be composed of several plans (e.g., incident response plans, recovery plans, disaster recovery plans, etc.) according to the considered scenario.

The integration of a BCP with the Incident management process is by defining in the Incident management process when an incident is critical enough so activation of the BCP needs to be considered.

Regarding the integration of these plans with the BCP, from our experience, you should consider:

one top-level document called Business Continuity Plan, where you define the crisis management plan, and the general rules by which all continuity activities will abide, ensuring all plans are aligned.
separated Incident Response Plans for describing how you would respond to different incidents, covering related activities required by all areas of the organization.
recovery plans for describing how to recover each of your processes/departments/projects in case of a disruption, also covering related activities required by all areas of the organization. For IT operations this plan is commonly known as the Disaster Recovery Plan.

For more information, please see:

How to write business continuity plans? https://advisera.com/27001academy/blog/2010/04/08/how-to-write-business-continuity-plans/
Business continuity plan: How to structure it according to ISO 22301 https://advisera.com/27001academy/knowledgebase/business-continuity-plan-how-to-structure-it-according-to-iso-22301/

These materials will also help you regarding business continuity planning:

Writing a business continuity plan according to ISO 22301 [free webinar on demand] https://advisera.com/27001academy/webinar/writing-a-business-continuity-plan-according-to-iso-22301-free-webinar-on-demand/
Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/27001academy/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Mar 01, 2022

Expert Advice Community