Quite often there is confusion on terminology that is used in parlance. A univocal definition and univocal terminology usage adds to the insight and understanding of the matter. You will find a summary of the most inportant concepts used by BCM Academy below:

  • Audit
    A process assessment or audit is an independent investigation of the way an organisation, system, process or product functions.It is examined whether current requirements, standards, legislation and the like are actually followed and whether the organisation, system, process or product still is satisfactory.In this respect, the Auditor is the independent party doing the auditing and the Auditee is the person being interviewed by the auditor.
  • Availability
    Safeguards, enabling authorised users to timely have access to information and other capital equipment at the right moments.
  • Back up
    An exact and legible copy with electronic information to be used when the original information is lost.
  • Business Continuity Management (BCM)
    The management system as well as the measures with which, on the basis of a systematic approach, the unwanted internal and external effects on and threats to the business process can be limited to acceptable levels.
  • Business Continuity Plan (BCP)
    A compilation of plans applied for safeguarding the continuity of the operational management and the safety of employees in case of a calamity.
  • Business Impact Analysis
    An investigation as to what extent and how fast an organisation will be suffering material and immaterial damage when one or more (supporting) services or assets for business process implementation are unexpectedly no longer available.
  • Calamity (Disaster)
    An unexpected interruption of (critical) business processes threatening business continuity or employee safety.
  • Disaster Recovery Planning
    Taking care of (IT) services recovery as soon as possible after a calamity.
  • Corrective measures
    Measures aimed at object recovery after a risk having become manifest.
  • Crisis
    Such a situation that the functioning (of the organisation) becomes disrupted seriously.
  • Detection measures
    Measures aimed at recognising and locating risks.
  • Direct damage
    All forms of damage directly related to a risk becoming manifest.
  • ICT Relocation
    ICT services recovery at an alternative location.
  • Immaterial damage consequences
    Damage that cannot be expressed in terms of money.
  • Incident
    Disruption of the business process disturbance that can be solved by everyday procedure.
  • ITIL
    A process oriented method to gain and maintain control over the quality of IT services (Information
    Technology Infrastructure Library).
  • Off-site storage
    An alternative location where (copies of) vital information or other assets are securely stored.
  • Evacuation Plan
    The whole of procedures, facilities and (management) organisation to bring to safety all persons present at the calamity location in the shortest time possible.
  • Preventive measures
    Measures reducing the possibility of a risk becoming manifest.
  • Recovery Point Objective (RPO)
    The point in time to which data must be restored in order to resume processing transactions. RPO is the basis on which a data projection strategy is developed.
  • Recovery Time Objective (RTO)
    During the execution of disaster recovery or business continuity plans, the time goal for the re-establishment and recovery of business function or resources.
  • Relocating
    Implementing a plan which should enable an organisation to timely resume (parts of) the operational management at an alernative location after occurrence of a calamity.
  • Relocation centre
    An alternative location equipped with all facilities to resume (parts of) the operational management after a calamity.
  • Risk
    Risk is the chance of an event happening, multiplied by the impact of that event and the susceptibility. Susceptibility indicates how much room is left for the occurence of a threatening event, taking into account the existing measures. The impact can be positive as well as negative or neutral. The word ‘risk’ is mostly used in a negative sense. (Risk = Chance x Impact x Susceptibility).
  • Risk management
    Risk management is the identification and qauantification of risks and the assessment of controlling measures. Controlling measures are actions by which the chance of an occurring risk and its consequences are influenced.
  • Service Level Agreement (SLA)
    An SLA is an agreement in writing, having been negotiated by customer and supplier and valid for a specific period, in which agreements have been clearly and measurably documented with regard to the services or products to be delivered as well as the related mutual conditions and resposibilities.
  • Single point of failure
    A singular part of a system that, in case of failure, results in serious disruption.
  • Suppressive measures
    Measures by which the consequences of a manifesting risk are controlled.
  • Threat
    A situation that may have a harmful impact on the reliable functioning of a system or services. Becoming manifest and damaging, the threat has become an incident.
  • Worst Case Scenario
    A predetermined and an as serious as possible calamity, reckoned with in the BIA and the System of Measures.