BCI Glossary

Question 1

One or more tasks undertaken by, or for an organization, that produces or supports the delivery of one or more products and services.

Answer 1

Activity or activities

Question 2

The Professional Practice within the business continuity management lifecycle that reviews and assesses an organization to identify its objectives, how it functions and the constraints of its operating environment.

Answer 2

Analysis (PP3)

Question 3

A systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.

Answer 3

Audit

Question 4

The capability of the organization to continue delivery of products or services at acceptable pre-defined levels following a disruptive incident.

Answer 4

Business Continuity (BC)

Question 5

A holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause, and which provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.

Answer 5

Business Continuity Management (BCM)

Question 6

The ongoing cycle of activities of the business continuity programme, that build organizational resilience.

Answer 6

Business Continuity Management (BCM) Lifecycle

Question 7

Part of the overall management system that establishes, implements, operates, monitors, reviews, maintains and improves business continuity.

Answer 7

Business Continuity Management System (BCMS)

Question 8

Documented procedures that guide organizations to respond, recover, resume, and restore to a pre-defined level of operation following disruption.

Answer 8

Business continuity plan (BCP)

Question 9

The ongoing management and governance process supported by top management and appropriately resourced to implement and maintain business continuity management.

Answer 9

Business continuity programme

Question 10

The time frames and resources, and capabilities necessary to continue to deliver the prioritised products, services, processes, and activities following a disruption.

Answer 10

Business continuity requirements

Question 11

The process of analysing activities and the effect that a business disruption might have upon them.

Answer 11

Business impact analysis (BIA)

Question 12

The ability to apply knowledge and skills to achieve intended results.

Answer 12

Competence

Question 13

A recurring activity to enhance performance.

Answer 13

Continual improvement

Question 14

A situation with a high level of uncertainty that disrupts the core activities and/or credibility of an organization and requires urgent action.

Answer 14

Crisis

Question 15

The Professional Practice within the business continuity management lifecycle that identifies and selects appropriate solutions to determine how continuity can be achieved in the event of an incident.

Answer 15

Design (PP4)

Question 16

The Professional Practice that defines how to integrate business continuity awareness and practice into business as usual activities.

Answer 16

Embedding (PP2)

Question 17

The process to train for, assess, practice, and improve performance in an organization.

Answer 17

Exercise

Question 18

The Professional Practice within the business continuity management lifecycle that implements the solutions agreed in the Design stage. It also includes developing the business continuity plans and a response structure.

Answer 18

Implementation (PP5)

Question 19

A situation that might be, or could lead to, a disruption, loss, emergency or crisis.

Answer 19

Incident

Question 20

A person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity.

Answer 20

Interested party

Question 21

The act of declaring that an organization’s business continuity arrangements need to be put into effect in order to continue delivery of key products or services.

Answer 21

Invocation

Question 22

The time it would take for adverse impacts, which might arise as a result of not providing a product/service or performing an activity, to become unacceptable.

Answer 22

Maximum acceptable outage (MAO)

Question 23

The time it would take for adverse impacts, which might arise as a result of not providing a product/service or performing an activity, to become unacceptable.

Answer 23

Maximum tolerable period of disruption (MTPD)

Question 24

The minimum level of services and/or products that is acceptable to the organization to achieve its business objectives during a disruption.

Answer 24

Minimum Business Continuity Objective (MBCO)

Question 25

The person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives.

Answer 25

Organization

Question 26

The ability of an organization to absorb and adapt in a changing environment.

Answer 26

Organizational resilience

Question 27

The values, attitudes and behaviour of an organization that contribute to the unique social and psychological environment in which it operates.

Answer 27

Organizational culture

Question 28

People working for and under the control of the organization.

Answer 28

Personnel

Question 29

Provides the intentions and direction of an organization as formally expressed by its top management.

Answer 29

Policy

Question 30

The Professional Practice that establishes the organization’s policy relating to business continuity and defines how the policy should be implemented throughout the business continuity programme.

Answer 30

Policy and Programme management (PP1)

Question 31

The activities to which priority must be given following an incident in order to mitigate impacts.

Answer 31

Prioritised activities

Question 32

A set of interrelated or interacting activities which transforms inputs into outputs.

Answer 32

Process

Question 33

Beneficial outcomes provided by an organization to its customers, recipients and interested parties.

Answer 33

Products and services

Question 34

The point to which information used by an activity must be restored to enable the activity to operate on resumption.

Answer 34

Recovery point objective (RPO)

Question 35

The period of time following an incident within which a product or service must be resumed, or activity must be resumed, or resources must be recovered.

Answer 35

Recovery time objective (RTO)

Question 36

All assets, people, skills, information, technology (including plant and equipment), premises, and supplies and information (whether electronic or not) that an organization has to have available to use, when needed, in order to operate and meet its objective.

Answer 36

Resources

Question 37

The effect of uncertainty on objectives.

Answer 37

Risk

Question 38

The overall process of risk identification, risk analysis and risk evaluation.

Answer 38

Risk assessment

Question 39

Coordinated activities to direct and control an organization with regard to risk.

Answer 39

Risk management

Question 40

An exercise whose aim is to obtain an expected, measurable pass/fail outcome.

Answer 40

Test

Question 41

A potential cause of an unwanted incident, which can result in harm to individuals, the environment or the community.

Answer 41

Threat

Question 42

A person or group of people who directs and controls an organization at the highest level.

Answer 42

Top management

Question 43

The Professional Practice within the business continuity management lifecycle that confirms that the business continuity programme meets the objectives set in the policy and that the plans and procedures in place are effective. It includes exercising, maintenance and review activities.

Answer 43

Validation (PP6)