According to the ISO 22301 Auditing eBook, there are five types of strategies involved in the process-centric approach to business continuity management. They are:
Business continuity strategy: This is the overall approach that provides a framework for ensuring the continuity of an organization’s critical functions in the event of a disruption. It defines the objectives, scope, principles, and policies of the business continuity management system (BCMS).
Recovery strategy: This is the specific approach that defines how an organization will restore its critical functions within a predefined time frame after a disruption. It identifies the resources, actions, and procedures required to recover the critical functions and resume normal operations.
Continuity strategy: This is the specific approach that defines how an organization will maintain its critical functions during a disruption. It identifies the alternative arrangements, methods, and modes of operation that will enable the organization to continue delivering its products or services at an acceptable level of performance.
Mitigation strategy: This is the specific approach that defines how an organization will reduce the likelihood and/or impact of a disruption. It identifies the preventive and protective measures that will minimize the exposure and vulnerability of the organization to potential threats and risks.
Response strategy: This is the specific approach that defines how an organization will react to a disruption. It identifies the roles, responsibilities, and authorities of the incident management team, the communication channels and protocols, and the escalation and notification procedures.
Submit