The purpose of business continuity management (BCM) is to identify the threats an organization faces both internally and externally.
Business continuity management provides organizations with the ability to quickly and effectively respond to threats such as natural disasters and data breaches while also protecting their business interests. Business continuity management includes disaster recovery, business continuity, crisis management, incident management, emergency management, and contingency planning.
ISO 22301 emphasizes the importance of the following in a business continuity management system:
1. Establishing business continuity management policies and objectives as well as identifying continuity and preparedness needs.
2. Managing continuity risks within an organization by implementing and operating controls and measures.
3. Continuity management system performance and effectiveness monitoring and evaluation.
4. Measuring objectively and continuously improving.