An enterprise is exposed to risks - such as acts of terrorism, natural disasters and utility failure - which may disrupt operations, disaffect customers and compromise business credibility and revenue streams. Risk can also be introduced to an enterprise through changes - such as automation, down-sizing, process re-engineering or outsourcing of processes and services - each of which may also bring changes in the type of risk. This paper proposes a framework for the design, implementation and monitoring of a business continuity management programme within the context of an information strategy.
- business continuity management
- risk management
- information strategy