Key Terms

The following table explains some of the key concepts and terms used in Business Continuity Planning (BCP).

A| B| C| D| E| F| G| H| I| J| K| L| M| N| O| P| Q| R| S| T| U| V| W| X| Y| Z| References

A

Assembly Area
The designated area at which employees, students, visitors and contractors assemble if evacuated from their building/site.

Audit
The method by which procedures and/or documentation are measured against pre-agreed standards.

Activation
The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration; the execution of the recovery plan. Similar terms: Declaration, Invocation.

Alert
Notification that a potential disaster situation exists or has occurred; direction for recipient to stand by for possible escalation or activation of appropriate plans.

Back to Top

B

Backup
A method by which data, electronic or paper based, is copied in some form so as to be available and used if the original data from which it originated is lost, destroyed or corrupted.

Business Continuity Management
The complete set of activities and processes divided into various stages that are necessary to manage business continuity. Anticipating Incidents which may affect critical business functions and processes and ensuring that the organisation is capable of responding to such incidents in a planned and rehearsed manner.

Business Continuity Management Activity
An action or series of actions that form a part of a BCM process.

Business Continuity Management Group (BCMG)
Highest level of management for Business Continuity. The BCMG is responsible for invoking the BCP and for overseeing any recovery efforts, as well as acting as the committee who oversee the ongoing maintenance and development of the BCP.

Business Continuity Management Policy
A BCM policy sets out an organisation's aims, principles and approach to BCM, what and how it will be delivered, key roles and responsibilities and how BCM will be governed and reported upon.

Business Continuity Management Program
An ongoing management and governance method supported by senior management and resourced to ensure that the necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies and plans, and ensure continuity of products/services through exercising, rehearsal, testing, training, maintenance and assurance.

Business Continuity Management Team
A defined number of roles and responsibilities for implementing the Business Continuity Management Plan.

Business Continuity Plan
Documents describing the roles, responsibilities and actions necessary to resume business processes following a disruption at a faculty/divisional Level. This is known as the functional recovery plan.

Business Impact Analysis
A formal analysis of the effect on the business if a specific set of IS services are not available. It will also identify the minimum set of services that an organisation will require to continue operating.

Business Risk
The risk that external factors, such as a fall in demand for an organisations products or services, will result in unexpected loss. Business risk, if managed well, can also result in a competitive advantage being gained.

Back to Top

C

Back to Top

D

Denial of Access
The inability of a organisation to access and/or occupy its normal working environment. Usually imposed and controlled by the Emergency and/or Statutory Services.

Disaster Recovery Planning
The processes within Business Continuity Management that focus upon recovery from, principally, physical disasters.

Downtime
The total period that a service or component is not operational within an agreed service time. Measured from when a service or component fails to when normal operations recommence.

Back to Top

E

Emergency Services
Usually refers to the civil services of Police, Fire and Ambulance.

Emergency Management Plan
The principal function of the Emergency Plan is to ensure the safety of the campus community, with all persons observing and following instructions given by Security Officers and Building Wardens in the event of an emergency.

Escalation
Passing information and/or requesting action on an incident, problem or change to more senior staff (hierarchical escalation) or other specialists (functional escalation). The circumstances in which either vertical escalation for information/authority to apply further resources or horizontal escalation for greater functional involvement need to be precisely described, so that the purpose of the escalation and the nature of the required response is absolutely clear to all parties as the escalation occurs. Escalation rules will be geared to priority targets.

Event
Any occurrence that may lead to a business continuity incident.

Back to Top

F

Functional Recovery Team (FRT)
Comprises of key individuals from within a functional unit. These personnel take on business continuity responsibility within their area. A recovery team leader, who is a member of the IRT, manages the team. Individuals who have expertise in specific areas take on the BC responsibility for the recovery of key processes in their area. Alternates are to be nominated to protect against non availability of these key members

Back to Top

G

Back to Top

H

Hot Site
A site (data centre, work area) that provides a BCM facility with the relevant work area recovery, telecommunications and IT interfaces and environmentally controlled space capable of providing relatively immediate backup data processing support to maintain the organisation's critical operations.

Back to Top

I

Impact Analysis
The identification of critical business processes and the potential damage or loss that may be caused to the organisation resulting from a disruption to those processes, or perhaps from a proposed change. Business impact analysis identifies the form the loss or damage will take; how that degree of damage or loss is likely to escalate with time following an Incident; the minimum staffing, facilities and services needed to enable business processes to continue to operate at a minimum acceptable level; and the time within which they should be recovered. The time within which full recovery of the business processes is to be achieved is also identified.

Incident
An event which is not part of the standard operation of a service and which causes or may cause disruption to, or a reduction in, the quality of services and productivity and affect critical business operations.

Incident Response Team (IRT)
Responsible for the assessment and escalation of the incidents as they occur and for the recovery and restoration of normal business operations. IRT members follow the basic steps outlined in the Incident Response Plan to manage the initial response to an incident and escalate the incident to the BCMG if appropriate. They would then work under the direction of the BCMG.

Invocation
The act by which a Business Continuity plan is formally started.

Back to Top

J

Back to Top

K

Key Business Processes
Processes that are essential to delivery of outputs and achievement of business objectives. Business activities and resources are the essential elements that combine to make up each key business process. Loss of a key process in excess of MAO is a business interruption event.

Back to Top

L

Back to Top

M

Major Incident
An incident where the impact on the business is extreme.

Maximum Acceptable Outage (MAO)
The maximum timeframe a function /system/facility can be inoperable until it starts to affect the business operating effectively.

Back to Top

N

Back to Top

O

Offsite Location
A site at a safe distance from the primary site where critical data (computerised or paper) and/or equipment is stored from where it can be recovered and used at the time of a business continuity incident if original data, material or equipment is lost or unavailable.

Outage
Period of time that a service, system, method or business function is expected to be unusable or inaccessible which has a high impact on the organisation, compromising the achievement of the organisation's business objectives. An outage is different to 'downtime' where method or system failures happen as a part of normal operations, and where the impact merely reduces the short-term effectiveness of processes.

Back to Top

P

Plan Maintenance
The management method of keeping an organisation's BCM competence and capability up-to-date, fit-for-purpose and effective.


Back to Top

Q

Back to Top

R

Recovery Site
A site held in readiness for use during a Business Continuity incident to maintain the business continuity of the business' critical process/operations. The term applies equally to office or technology requirements.

Risk Management
The culture, processes and structures that are put in place to effectively manage potential opportunities and adverse effects. As it is not possible or desirable to eliminate all risk, the objective is to implement cost effective processes that reduce risks to an acceptable level, reject unacceptable risks and treat risk by financial interventions i.e. transfer other risks through insurance or other means, or by organisational intervention i.e. BCM.

Back to Top

S

Standdown
The BC Plan is no longer required to be followed and post recovery review is commenced.


Back to Top

T

Back to Top

U

Back to Top

V

Back to Top

W

Work Around
A process of avoiding an incident or problem, either by employing a temporary fix or technique that means an organisation is not reliant on system or function that is known to cause failure.

Back to Top

X

Back to Top

Y

Back to Top

Z

Back to Top

References

Australian National Audit Office, Business Continuity Management, http://www.anao.gov.au/uploads/documents/Business_Continuity_Management.pdf accessed 4/5/07

Bussiness Continuity Institute, Glossary of General Business Continuity Management Terms, http://www.thebci.org/Glossary.pdf accessed 4/5/07

ETP Consulting, Business Continuity Glossary [online], http://www.etpconsulting.co.uk/Business Continuity/business-continuity-glossary.htm accessed 23/9/05

Last reviewed: 4 May, 2007