A three part draft joint Australian and New Zealand Standard on 'Business continuity' (Management of disruption-related risk) was issued for public comment on 30 July 2009.
Every day, local, national, and world events remind organisations that things do not always go as expected. Sometimes this occurs with little or no warning. Even so, it's no longer acceptable for organisations – including governments – to have failed to recognise their exposure to the risks related to disruption and to have managed such risks effectively.
Draft Standard AS/NZS 5050:2009 Parts 1 to 3 explain how an organisation's management and governance systems can be adapted and, where necessary, strengthened, to achieve the goal of continuity (despite exposure to disruptive events or unanticipated change). It does so by applying the concepts and processes of the forthcoming international Standard on Risk management – to be known in Australia and New Zealand as AS/NZS/ISO 31000:2009.
Key features of draft AS/NZS 5050:2009 Parts 1 to 3 are as follows.
- Provides the world's first national business continuity management standard based on ISO 31000 – the successor to AS/ NZS 4360-2004.
- Builds upon the very successful HB-292 by incorporating latest thinking.
- Delivers resilience.
- Moves beyond other current business continuity management Standards by:
- Contemplating a complete range of disruption risks.
- Integrating seamlessly into risk management frameworks that are based on AS/NZS 4360:2004 and the forthcoming AS/NZS/ISO 31000-2009.
- Enabling businesses to protect cross organisational functions and departmental structures.
- Building flexible capability thereby allowing organisations to accommodate change, as well as unforeseen events and consequences.
- Allowing organisations to seize opportunities.
- Enabling organisations to prepare, respond, and adapt – in real time – to change and or disruptive events.
- Reflecting both precedent and the present organisational environment.
- Integrates with existing management system Standards including ISO 9001 (Quality management systems), ISO 14001 (Environmental management systems), ISO 27001 (Information security management), and ISO 28000 (Supply chain security management system), and is thus efficiently implemented.
- Integrates easily into existing assurance processes without imposing separate certification regimes or an additional compliance burden.
Note: The public consultation process on this draft Standard was delayed to ensure the Standard is completely aligned with the recently released final draft of ISO 31000.
Drafts are free to download from our website: www.standards.co.nz.