A basic element of it business continuity plan: systematic review
Keywords:
business continuity plan, business continuity, cobit 5 domain, ISO 22301, 2012 business continuity management system, itil it service continuity managementAbstract
Implementation of IT in the enterprise raises the possibility of various risks arising from threats and disturbances. Companies need to have business continuity planning (BCP), so that the company's business processes can be sustain in normal or critical situations. BCP is a methodology used to create and validate plan to sustain business operations continuously before, during, and after disasters or disturbing events. BCP is an important part of Business Continuity Management (BCM) and is a step that can be taken to reduce the negative impact of business interruptions caused by internal and external. The current condition of the Business Continuity Plan is the lack of understanding of the key elements of the business continuity plan design that leads companies to realize what business continuity plan are or do not know what is needed to make BCP and BCP owned by the company still lack in completeness of the business continuity strategy. Based on the present condition, this research aims to explore the elements of BCP based on business continuity standard that is COBIT 5 Domain: Manage Continuity, ISO 22301: 2012 Business Continuity Management System, ITIL IT Service Continuity Management and related business continuity plan research. The results of the research are BCP has 8 main elements, determining the need of business continuity management, business continuity review, risk analysis, business impact analysis, business continuity strategy, disaster recovery plan, employee training, BCP testing, where the eight elements can be categorized into two are managerial and technical.References
Ali Asgary, A. S. (2011). Modelling the Adaptation of Business Continuity Planning by Businesses Using Neural Network. Intelligent System in Accpunting, Finance and Management, 89-104.
Calgary Emergency Management Agency. (2015, October 19). Calgary Chamber. Retrieved from Survey Findings: Business Continuity Planning Still Low in Calgary's Business Community: https://www.calgarychamber.com/insight/blog/survey-findings-business-continuity-planning-still-low-calgarys-business-community
Dey, M. (2011). Business Continuity Planning (BCP) Methodology-Essential For Every Business. IEEE GCC Conference and Exhibition (pp. 19-22). Dubai: IEEE.
Ernst & Young LLP. (2002). Global Information Security Survey.
Federal Office for Information Security. (2013). Business Continuity Management for SMEs using the Cloud. Bonn: Federal Office for Information Security (BSI).
Goldberg, E. M. (2008). Sustainable Utility Business Continuity Planning: A Primer, An Overview and A Proven Culture-Based. The Electricity Journal, 67-74.
Griffith University. (2013). Business Continuity Management Framework. Queensland: Griffith University.
Hiles, A. (2007). The Definitive Handbook of Business Continuity Management Second Edition. West Sussex: John Wiley & Sons Ltd.
ISACA. (2012). COBIT 5 Enabling Processes. Rolling Meadows: ISACA.
Jacques Botha, R. V. (2004). A Cyclic Approach to Business Continuity Planning. Information Management and Computer Security, 328-337.
K. Venclova, H. U. (2013). Advantages and Disadvantages of Business Continuity Management. International Jpurnal of Social, Behavioral, Educational, Economic, Business and Industrial Enginee, 895-899.
Rupal Choundhary, D. (. (2016). Business Continuity Planning: A Study of Framework, Stadards and Guidelines for Banks IT Services. International Journal of Emerging Research in Management & Technology, 33-40.
S. Ali Torabi, R. G. (2016). An Enhanced Risk Assessment Framework for Business Continuity Management Systems. Safety Science, 201-218.
S.A. Torabi, H. R. (2014). A New Framework for Business Impact Analysis in Business Continuity Management (with a case study). Safety Science, 309-323.
SANS Institute. (2002). Introduction to Business Continuity Planning. Retrieved from SANS: https://www.sans.org/reading-room/whitepapers/recovery/introduction-business-continuity-planning-559
Technical Committee ISO/TC 223. (2012). ISO 22301 Societal Security-Business Continuity Management Systems-Requirement. Switzerland: ISO.
Virginia Cerullo, M. J. (2004). Business Continuity Planning: A Comprehensive Approach. Information Systems Management, 70-78.
Downloads
Published
Issue
Section
License
Authors who publish with Jurnal Informatika (JIFO) agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
