HB 221:2004: business continuity management

This handbook outlines a broad framework and core processes that should be included in a comprehensive business continuity process. It argues that business continuity management (BCM) plays a critical role as part of the organizations risk management process in providing a fundamental mitigation process for certain types of risk. BCM also stands as a dedicated process incorporating the risk assessment process for the examination of the organizations disruption risks. The handbook demonstrates that risk management and BCM are intrinsically linked as part of an effective risk management system.

The handbook is presented in two parts: (i) what is business continuity management, which provides a definition of BCM and outlines its evolution, from a narrow IT-centric focus to a planning tool and (ii) The BCM Manual that outlines a BCM framework that can be developed by any organization and implemented at all levels, whether at a specialist area, such as developing information technology (IT) recovery plans, or at an organization level, linking the risk management, corporate governance and BCM program.

The handbook is intended to be used as reference material by any size or type of organization—from large multinationals to small businesses, not-for-profit agencies and government agencies—that has identified the requirement for, and merit of, developing effective business continuity management processes. The objective of this revision is to align the Handbook with the 2004 edition of AS/NZS 4360: risk management.