Page 568 - ITGC_Audit Guides
GTAG — Conclusion/Summary
8. Conclusion/Summary
BCM is an important risk management program designed to
protect companies from potential significant consequences
related to events that can disrupt critical business processes.
The CAE can help the organization understand the risks and
the options to create an effective BCM program. Managers
throughout the organization must be held accountable for
appropriately managing the risks associated with disruption
of the business operations and associated functions within
their organization.
A BCM program provides the framework for making
appropriate risk mitigation decisions and building organization
resilience. Critical business processes must be recovered
to support the recovery of critical business operations. The
BCM program enables an organization to maintain recovery
capabilities, including organizational capabilities and knowledge,
systems and information recovery, resource restoration
and procurement, supplier management, and alignment with
emergency management processes.
The BCM program should be designed to maintain and
grow the business continuity capabilities continuously.
Effective maintenance of the BCM capabilities must include
regular training of staff, periodic exercises (including resolution
of any identified gaps and management commitment to
the program), audit assessments of the BCM program and
business unit capabilities, and continual improvement of the
BCM program.