
Business Continuity Management

Definition: Business Continuity Management is the practice of planning and preparing for potential disruptions to regular business operations. BCM includes processes and procedures that ensure an organisation's critical business functions continue to operate or recover promptly following a serious incident or disaster.

Effective BCM encompasses risk identification, impact analysis, and development of response strategies to counteract interruptions to business processes. It also involves the continuous maintenance, review, and testing of these strategies to ensure readiness. The primary objective of BCM is to minimise the operational, financial, legal, and reputational impacts of disruptions.

In the context of cyber security, BCM plays a crucial role in preparing for and managing incidents such as cyber attacks, data breaches, and system failures. It involves coordination between various disciplines, including IT disaster recovery, crisis management, and incident response.

Key Characteristics:

  • Risk Assessment: Identifying potential threats to business operations and assessing their likelihood and potential impact.
  • Business Impact Analysis (BIA): Determining the effect of a disruption on the organisation’s critical functions and processes.
  • Strategy Development: Formulating responses and recovery tactics to ensure business continuity under adverse conditions.
  • Testing and Maintenance: Regular exercises to validate the effectiveness of the business continuity plans and update them as necessary.


Examples:

  • Real-World Example: An organisation activates its BCM plan following a ransomware attack that encrypts key operational systems, using predefined processes to maintain critical functions.
  • Hypothetical Scenario: A financial services company experiences a power outage in its data centre but continues operations seamlessly through predefined failover mechanisms to a secondary location, as per its BCM strategy.

Related Terms:

  • Disaster Recovery (DR): A focused subset of BCM specifically dedicated to restoring IT and technological infrastructure after a crisis.
  • Crisis Management: The overall coordination of an organisation’s response to a crisis in a way that deals with the immediate aftermath and operational consequences.
  • Incident Response: The methodology an organisation uses to respond to and manage a cyber attack or data breach, typically included within a BCM framework.
