The BCI Professional Recognition Programme provides an international structure for the Certification of business continuity practitioners. It creates a benchmark for the assessment of best practice and encourages the enhancement and further development of related skills. The Certification is based on a set of ten standards known as the Certification Standards for Business Continuity professionals, which have been accepted internationally. Each element links with the other elements to form the continuum of business continuity management.

Certification at Associate, Specialist and Member level is by Scored Assessment and at Fellow level by Scored Assessment and Structured Interview. See the 'Join the BCI section' for more details of our assessment schemes.

Certification is not required for Affiliate or Student grades.

THE TEN CERTIFICATION STANDARDS FOR PROFESSIONAL PRACTITIONERS

Business Continuity Management is defined as an holistic management process that identifies potential impacts that threaten an organisation and provides a framework for building resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation and value creating activities.

Its primary objective is to allow the Executive of an organisation to continue to manage their business under adverse conditions, by the introduction of appropriate resilience strategies, recovery objectives, business continuity and crisis management plans in collaboration with, or as a key component of, an integrated risk management initiative.

The ten subject areas listed below cover the competencies required by a professional practitioner in order to deliver effective Business Continuity Management. They are not presented in any particular order of importance or sequence.  

A comprehensive explanation of each standard is contained in a detailed Acrobat PDF file :click here to download.

SUBJECT AREA OVERVIEW

1. Initiation and Management

Establish the need for a Business Continuity Management (BCM) Process or Function, including resilience strategies, recovery objectives, business continuity and crisis management plans and including obtaining management support and organising and managing the formulation of the function or process either in collaboration with, or as a key component of, an integrated risk management initiative.

2. Business Impact Analysis

Identify the impacts resulting from disruptions and disaster scenarios that can affect the organisation and techniques that can be used to quantify and qualify such impacts. Identify time-critical functions, their recovery priorities, and inter-dependencies so that recovery time objectives can be set.

3. Risk Evaluation and Control

Determine the events and external surroundings that can adversely affect the organisation and its resources (facilities, technologies, etc.) with disruption as well as disaster, the damage such events can cause, and the controls needed to prevent or minimise the effects of potential loss. Provide cost-benefit analysis to justify investment in controls to mitigate risks.

4. Developing Business Continuity Management Strategies

Determine and guide the selection of possible business operating strategies for continuation of business within the recovery point objective and recovery time objective, while maintaining the organisation’s critical functions.

5. Emergency Response and Operations

Develop and implement procedures for response and stabilising the situation following an incident or event, including establishing and managing an Emergency Operations Centre to be used as a command centre during the emergency.

6. Developing and Implementing Business Continuity and Crisis Management Plans

Design, develop, and implement Business Continuity and Crisis Management Plans that provide continuity within the recovery time and recovery point objectives.

7. Awareness and Training Programmes

Prepare a programme to create and maintain corporate awareness and enhance the skills required to develop and implement the Business Continuity Management Programme or process and its supporting activities.

8.Maintaining and Exercising Business Continuity and Crisis Managements Plans

Pre-plan and co-ordinate plan exercises, and evaluate and document plan exercise results. Develop processes to maintain the currency of continuity capabilities and the plan document in accordance with the organisation’s strategic direction. Verify that the Plan will prove effective by comparison with a suitable standard, and report results in a clear and concise manner.

9. Crisis Communications

Develop, co-ordinate, evaluate, and exercise plans to communicate with internal stakeholders (employees, corporate management, etc.), external stakeholders (customers, shareholders, vendors, suppliers, etc.) and the media (print, radio, television, Internet, etc.).

10. Co-ordination with External Agencies

Establish applicable procedures and policies for co-ordinating continuity and restoration activities with external agencies (local, state, national, emergency responders defence, etc.) while ensuring compliance with applicable statutes or regulations.

These standards are published in co-operation with the Disaster Recovery Institute International of the USA and are used by both bodies in their certification programmes.  (September 2003)