BS25999 - the Business Continuity Planning Standard

BS25999 is the Business Continuity and Business Resilience certification standard that has worldwide applicability.

1. Buy  The BS25999 Pocket Guide
2. Buy BS25999-2:2007 (the specification) online - or, if you don't already have the Code of Practice, BS25999-1, buy both parts of the standard in this BS25999 Standards Kit;
3. Buy  Business Continuity Management - A Manager's Guide to BS25999
4. Buy a BCM & BS25999 Implementation Set; or
5. Buy a Best Practice Business Continuity Kit;
6. Buy books from the Business Continuity & Disaster Recovery Bookstore;
7. Attend a BS25999 Foundation Training Course
8. Ask for BS25999 consultancy support - telephone +44 845 070 1750

Importance of BS25999 

BS25999, the Business Continuity Standard, is of real importance to everyone from Board directors, corporate executives and IT managers through to facilities managers and business continuity professionals. Service disruptions, delays in responding to customer requests, inability to process transactions in a timely manner or being unable to resume business in the face of a disaster can all have significant impacts on an organization's effective operation. Recent natural disasters as well as terrorist activities have shown that an organization's resilience to a disaster and its being able to resume business quickly and efficiently were directly related to its preparedness to respond to unforeseen events.

In the UK, the NHS has determined that BS25999 certification is a key way for NHS entities to demonstrate that they adequately resilient, and UK local authorities have recognised the BS25999 certification is the best method possible for demonstrating they are meeting their obligations under the Civil Contingencies Act. Internationally, organisations in both the public and private sector are pursuing BS25999 certification in order to demonstrate to stakeholders and customers that they have adequate business resilience arrangements in place.

This site provides a comprehensive range of BS25999 Business Continuity resources.

BS25999 Certification (registration)

BS25999 is a two-part standard:

• BS25999-1 is a Code of Practice for Business Continuity Management, which has been available since 2006.
• BS25999-2:2007 is a Specification for a Management Scheme, officially launched by BSI on 30 October 2007, and available with effect from 20 Nov 2007.

Part 2, the management scheme specification, makes it possible for organizations to have their business continuity management arrangements independently certified by external auditors and, thereby, provide stakeholders, customers and insurers with a real degree of comfort about the rigour with which the business continuity efforts were developed.   

This is a development of major importance for all organizations. The Route Map to Business Continuity Management: Meeting the Requirements for BS25999 is the best-selling guide to certification under this new standard and the BS25999 Introductory Kit is probably the best introductory collection available.

At IT Governance, we are supporting organizations pursuing BS25999 in every way possible.

Other Important Business Continuity Standards

BS25777, ICT Service Continuity Management, has now been issued and replaces PAS77. BS25777 provides specific ITC continuity guidance within the context of BS25999.

ISO/IEC 24762, the ICT Disaster Recovery Standard, provides specific guidance for organisations around the provision (either in-house or outsourced) of disaster recovery facilities.

International BCM Standard

An international Business Continuity Planning Management standard is also under development. A number of nationally-originated standards and guidelines are being considered as part of the internationalisation process. These include: