atsec publishes Content Description of PAS 56:2003 "Guide to business continuity management"

This Content Description written by Andreas Rauer of atsec provides an overview of the 54 page document and serves as a guide to navigating the chapters and subsections of PAS 56. This allows readers to quickly identify what a business continuity management (BCM) plan consists of, when the specification and implementation of a BCM plan is mandatory for an organization, and the type of activities, analysis, and documentation that is expected.

The Publicly Available Specification 56 (PAS 56:2003) "Guide to business continuity management" was released by the British Standards Institution (BSi) in March 2003. Its scope encompasses the process, principles, and terminology of BCM in an organization. The specification describes the activities and expected results, provides recommendations for good practice, and outlines evaluation criteria.

Although it is still a specification, which is a preliminary stage to a full-blown British Standard, PAS 56 offers an opportunity to design, establish and operate a functional, standardized business continuity management system (BCMS). The use of such a BCMS will ensure that current best practices are considered. The primary function of the BCMS is to allow your own organization to manage the risks of adverse events and, especially if your organization is bound by Service Level Agreements (SLA), your customers can have greater confidence in your ability to successfully recover from a critical business impact. In addition the benefits include the provision of a perspicuous set of metrics, an analysis of your compliance level to an upcoming standard through internal audits as well as providing possible benefits in negotiations with banks, assurance institutes, and in meeting the needs of business development requirements.

Please read the whole article at:
http://www.atsec.com/iso-27001/PAS-56-description.php

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec launched its U.S. business in May 2003, building on extensive success in Europe dating back to 2000. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, BMW, SGI, Swisscom, RWE, and Vodafone.