60 second interview:
The Business
Continuity Institute
 |
, the international technical director of the Business Continuity Institute (BCI) discusses the organization’s global presence and the crucial importance of business continuity |
When was the BCI formed and why?
The BCI was formed in 1994, by a group of business continuity management professionals from the UK with a few colleagues from the US and Australia. At the time it was not a particularly well known subject, so the BCI was formed as a not-for-profit organization to promote business continuity and to establish credibility for the discipline and its experts.
Since 1994, the institute has grown to more than 5,000 members in 88 different countries. Interest in business continuity is rapidly increasing and we have doubled in size in the last three years, with most of that growth from outside of the UK.
Do you have operations based outside the UK?
Yes, we have formal chapters in the US, Australia, Japan, Canada, Switzerland, Singapore and Scandinavia with plans for India and South Africa to follow soon, plus representation in about 30 other countries around the world.
Who are the BCI’s members?
Our members can be anyone employed in a full-time business continuity management role. The vast majority of our members are employed in business continuity management jobs but we also have consultants, trainers, academics and auditors who are qualified in business continuity management. In terms of sector. 40% of our members work in finance, but we have also had a big uptake in the public sector in the last couple of years.
Membership offers recognition for business continuity professionals, as they must have a minimum of one year’s experience in a full-time business continuity role to become an associate member, or three years for full membership. They must also pass an entrance exam. We offer affiliate membership for anyone who is interested in business continuity, but not professionally active.
Why do you think interest in business continuity is increasing?
In recent years there have been a lot of different drivers to make people take business continuity more seriously. In the UK, the IRA attacks caused people to look more formally at dealing with crises and emergencies, while in the US the IT industry has been a real commercial driver. In other countries, sich as Australia, corporate governmence requirements to support national infrastructures have been an important driving force.
There has also been added pressure of high profile topics such as climate change and pandemics, as well as regulations such as the Civil Contingencies Act in the UK. All these factors have come together to make organizations recognize the need to perform business continuity in a more formal way.
What has been the impact of BS 25999?
BS 25999 has highlighted to organizations that business continuity is not just a general, common sense thing. It offers a standardized business process to be followed and in an interconnected world organizations need to feel confident about who they’re operating with.
Part 1 of BS 25999 is a code of practice that helpfuls organizations to understand what business continuity management means and what needs to be done to comply with a sensible international level of business continuity. This is useful because if you ask people about their organization’s business continuity plans, most people don’t understand the question. Codifying the subject, so that everybody is using a consistent language is one of the advantages of standardization.
Are there any international standards?
Currently ISO 22301 is in development and is expected to be available at the end of 2010. It is labeled operational continuity rather than business continuity, but it’s in the same field. There will be some material coming in from Australian and American standards, but I would say that 75-80% of the ISO standard is the same as BS 25999.
There is also a big initiative in the US to develop a new standard that will be accepted by Homeland Security. The current US standard, NSBA 16000, is seen as inappropriate by most people for business continuity. The British Standards Institute is currently working with the American Society for Industrial Security to develop the new standard. Global corporations that don’t use ISO 22301 are probably going to be mostly influenced by this new US standard or BS 25999.
What do you think the future holds for business continuity?
The drivers we have seen in recent years are only going to become more important. New regulations and exposure to threats from pandemics or terrorist attacks have made organizations reflect on how they could cope without certain resources.
The financial crisis has also increased the demands for regulation, especially in the financial sector. The implications of these regulatory changes will need organizations to be able to guarantee financial stability, and financial stability requires operational continuity.
Finally, the real need to encompass business continuity management right across the supply chain is gaining wide acceptance.
For more information, visit the Business Continuity Institute's website
 |
 Have an issue to raise? A question to ask? Give us your opinions now in the Online Forums. |