Glossary

Question 1

Activity or activities

Answer 1

One or more tasks undertaken by, or for organisation, that produces or supports delivery of one or more products and services.
GPG 2018

Question 2

Analysis (PP3)

Answer 2

Analysis is Professional Practice within BC management lifecycle that reviews and assesses an organisation to identify its objectives, how it functions, and constraints of its operating environment.
GPG 2018

Question 3

Audit

Answer 3

Systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine extent to which audit criteria are fulfilled.
ISO 22301:2012

Question 4

Business Continuity (BC)

Answer 4

Capability of organisation to continue delivery of products and services at acceptable predefined levels following disruptive incident.
ISO 22300:2012

Question 5

Business Continuity management

Answer 5

A holistic management process that identifies potential threats to organisation and impacts to business operations those threats, if realised, might cause, and which provides a framework for building organisational resilience with capability of an effective response that safeguards interests of its key stakeholders, reputation, brand and value-creating activities.
ISO 22301:2012

Question 6

Business Continuity Management (BCM) Lifecycle

Answer 6

Ongoing cycle of activities of BC programme, that build organisational resilience.
GPG 2013

Question 7

Business Continuity Management System (BCMS)

Answer 7

Part of overall management system that establishes, implements, operates, monitors, reviews, maintains and improves BC
ISO 22301:2012

Question 8

Business continuity plan (BCP)

Answer 8

Documented procedures that guide organisations to respond, recover, resume, and restore to a predefined level of operation following disruption.
ISO 22301:2012

Question 9

Business continuity programme

Answer 9

Ongoing management and governance process supported by top management and appropriately resourced to implement and maintain BC management.
ISO 22301:2012

Question 10

Business continuity requirements

Answer 10

Time frames and resources, and capabilities necessary to continue to deliver prioritised products, services, processes and activities following a disruption.
GPG 2018

Question 11

Business impact analysis (BIA)

Answer 11

Process of analysing activities and effect that a business disruption might have upon them.
ISO 22300:2012

Question 12

Competence

Answer 12

Ability to provide knowledge and skills to achieve intended results.
ISO 22301:2012

Question 13

Continual improvement

Answer 13

Recurring activity to enhance performance.

ISO 22301:2012

Question 14

Crisis

Answer 14

Situation with a high level of uncertainty that disrupts core activities and/or credibility of organisation and requires urgent action.
ISO 22300:2012

Question 15

Design (PP4)

Answer 15

Design is Professional Practice within BC management lifecycle that identifies and selects appropriate solutions to determine how continuity can be achieved in event of an incident.
GPG 2018

Question 16

Embedding (PP2)

Answer 16

Embedding is the Professional Practice that defines how to integrate BC awareness and practice into business as usual activities.
GPG 2018

Question 17

Exercise

Answer 17

Process to train for, assess, practice, and improve performance in an organisation.
ISO 22301:2012

Question 18

Implementation (PP5)

Answer 18

Implementation is the Professional Practice within BC management lifecycle that implements solutions agreed in Design stage. Also includes developing BC plans and a response structure.
GPG 2018

Question 19

Incident

Answer 19

A situation that might be, or could lead to, a disruption, loss, emergency or crisis.
ISO 22300:2012

Question 20

Interested party

Answer 20

A person or organisation that can affect, be affected by, or perceived themselves to be affected by a decision or activity.
ISO 22301:2012

Question 21

Invocation

Answer 21

Act of declaring an organisation’s BC arrangements need to be put into effect in order to continue delivery of key products or services.
ISO 22301:2012

Question 22

Maximum acceptable outage (MAO)

Answer 22

Time it would take for adverse impacts, which might arise as a result of not providing a product/service or performing an activity, to become unacceptable. See also MTPD.
ISO 22301:2012

Question 23

Maximum tolerable period of disruption (MTPD)

Answer 23

Time it would take for adverse impacts, which might arise as result of not providing a product/service or performing an activity, to become unacceptable. See also MAO.
ISO22301:2012

Question 24

Minimum Business Continuity Objective (MBCO)

Answer 24

Minimum level of services and/or products that is acceptable to organisation to achieve its business objectives during a disruption.
ISO 22301:2012

Question 25

Organisation

Answer 25

Person or group of people that has own functions with responsibilities, authorities and relationships to achieve its objectives.
ISO 22301:2012

Question 26

Organisational resilience

Answer 26

Ability of organisation to absorb and adapt in a changing environment.
ISO 22316:2017

Question 27

Organisational culture

Answer 27

Values, attitudes and behaviour of organisation that contribute to unique social and psychological environment in which it operates.
ISO 22316: 2017

Question 28

Personnel

Answer 28

People working for and under the control of organisation.

ISO 22301:2012

Question 29

Policy

Answer 29

BC policy provides intentions and direction of an organisation as formally expressed by its top management.
ISO 22301:2012

Question 30

Policy and Programme management (PP1)

Answer 30

Policy and Programme management is the Professional Practice that establishes organisation’s policy relating to BC and defines how the policy should be implemented throughout BC programme.
GPG 2018

Question 31

Prioritised activities

Answer 31

Activities to which priority must be given following an incident in order to mitigate impacts.
ISO 22300:2012

Question 32

Process

Answer 32

A set of interrelated or interacting activities which transforms inputs into outputs.
ISO 22301:2012

Question 33

Products and services

Answer 33

Beneficial outcomes provided by an organisation to its customers, recipients and interested parties.
ISO 22301:2012

Question 34

Recovery point objective (RPO)

Answer 34

Point to which information used by activity must be restored to enable activity to operate on resumption.
ISO 22301:2012

Question 35

Recovery time objective (RTO)

Answer 35

Period of time following an incident within which a product or service must be resumed, or activity must be resumed, or resources must be recovered.
ISO22301:2012

Question 36

Resources

Answer 36

All assets, people, skills, information, technology (including plant and equipment), premises, and supplies and information (whether electronic or not) that an organisation has to have available to use, when needed, in order to operate and met its objective.
ISO 22301:2012

Question 37

Risk

Answer 37

Effect of uncertainty on objectives.

ISO/IEC Guide 73

Question 38

Risk assessment

Answer 38

Overall process of risk identification, risk analysis and risk evaluation.
ISO/IEC Guide 73

Question 39

Risk management

Answer 39

Coordinated activities to direct and control and organisation with regard to risk.
ISO/IEC Guide 73

Question 40

Test

Answer 40

Exercise whose aim is to obtain an expected, measurable pass/fail outcome.
ISO 22300:2012

Question 41

Threat

Answer 41

Potential cause of unwanted incident, which can result in harm to individuals, the environment or the community.
ISO 22300:2013

Question 42

Top management

Answer 42

Person or group of people who directs and controls organisation at the highest level.
ISO 22301:2012

Question 43

Validation (PP6)

Answer 43

Validation is Professional Practice within BC management lifecycle that confirms that BC programme meets objectives set in policy and that plans and procedures in place are effective. It includes exercising, maintenance and review activities.
GPG 2018