1 PURPOSE

  1. This BCM manual contains documented statements of BCM Institute:
    • BC policy
    • BCM objectives
    • References the documented procedures required by ISO 22301:2012
    • Example: Process for business impact analysis and risk assessment (ISO 22301:2013 Clause 8.2.1)
    • Other documents needed to ensure effective planning, operation and control of our key processes.
  2. The level and type of BCMS documentation established for BCM Institute’s BCM programme are reviewed at appropriate intervals to ensure it remains appropriate for the complexity of the interactions of our core processes and the competence of our employees. BCMS documents and data exist in hard copy and electronic format.
  3. The BCMS documentation includes this BCM manual, BCM procedures, forms and other internal and external documents and data needed to manage, perform or verify work affecting BCM effectiveness and quality.

2 SCOPE

  1. This procedure helps to manage the documentation control for organisation’s BCMS; its associated procedures and the processes needed to implement our BC policy to achieve our BCM objectives. Each section of ISO 22301:2012 BCM Manual
  2. Any BCMS documentation which is utilised or generated is categorised into the following BCMS Documentation Hierarchy:
ier Document Type Purpose
1 BC Policy Key system driver of process inputs and objectives; statement of corporate vision
2 BCM Manual Describes corporate approach and responsibilities for monitoring, managing and meeting the BCMS requirement
3 BCM Procedures Describe the methods required for BCM process implementation
4 Work instructions Describe the operating practices and controls of each process
5 Forms Key system outputs; data, records, proof of conformance and evidence of verification

3 RESPONSIBILITY

  1. It is the Organization BCM Coordinator’s responsibility to maintain the organisation’s documentation control procedures.

4 PROCEDURE

4.1 Control of Documents

  1. All BCMS documents are controlled according to the Control of Documents Procedure (ISO 22301:2012 Clause 7.5) which defines the process for:
    • Reviewing and revising as necessary and re-approving.
    • Ensuring that changes and current revision status of documents are identified.
    • Ensuring those relevant versions of applicable documents are available at points of use.
    • Ensuring that documents remain legible and readily identifiable.
    • Ensuring that documents of external origin are identified and their distribution controlled.
    • Preventing the unintended use of obsolete documents.
  2. The company uses standard forms and a wiki-based software which are updated as required. Documents which must be controlled include but are not limited to the followings examples:
    1. BCM Manual
    2. BCMS Procedures
    3. Records
  3.  Controlled documents are identified with a document name and document number:
    • Procedures are prefixed P
    • Forms are prefixed F
    • Work instructions are prefixed W
    • A list of key BCMS documents; including all BCM procedures, forms and other key BCMS documents is located in “6. RELATED DOCUMENT”.

4.2 Control of Records

  1. Records established to provide evidence of conformity to the requirements specified by the ISO 22301:2012 standard, BCM requirements and of the effective operation of the BCMS are formally controlled through the application of the Control of Records Procedure.
  2. 4.2.2 Records which are controlled include but are not limited to those highlighted in “7. RECORD”.

5 DEFINITIONS

  1. Business Continuity Management
  2. Business Continuity
  3. BCM Manual
  4. BC Policy
  5. BCM Procedure
  6. Records

6 RELATED DOCUMENT

  1. Nil

7 RECORDS

  1. Report: Risk Assessment
  2. Report: Business Impact Analysis
  3. Report: Business Continuity Strategy
  4. Report: Test and Exercise
  5. Report: Management
  6. Report: Corrective Action

8 APPENDICES

  1. NA