Which BCP Standard for Your Company?
When considering which standard the BCP program at your company should be based on some look to these for consideration:
- ASIS SPC.1-2009, National Standard: Organizational Resilience Standard.
- DRII Professional Practices for Business Continuity Planners.
- NFPA 1600.
Since BSI has not been offered for this discussion point, I believe that NFPA 1600 has the most viability for the municipality organization. This is not simply because of the nature of emergency management in the public sector, but also because NFPA 1600 offers the widest interpretation of guidelines while still ensuring that there is some strictness in implementation (opinion).
Annex C of the NFPA 1600 provides a very useful rubric which can be used immediately, simply, and at a high level to determine the current status of an organization. [1] This self assessment for conformity can be used to identify key weaknesses and help begin a program management process that focuses on those areas in most need of improvement.
With the extremely tight budgets these days and a slow to recover economy, cities and counties are simply not able to implement the full array of guideline adherence typically found in the 10 professional practices of DRII.
While the ASIS standard does specify threats and hazards assessment and can be very helpful to the private sector, it focuses a great deal on topic areas not particularly useful to a public sector entity, particularly a small town under 100,000 population.
[1] NFPA (Dec 2009). “NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity Programs 2010 Edition. Annex C Self Assessment for Conformity with NFPA 1600, 2010 Edition“. Retrieved 1-29-11: http://www.nfpa.org/assets/files/PDF/NFPA16002010.pdf
Business Continuity Management | blogadmin January 25, 2011 | 
Comments Off