BS 25999 is the British standard for Business Continuity Management. It is split into two parts:
BS 25999-1 is a code of practice, providing general guidance on the processes, principles, and terminology used in Business Continuity.
BS 25999-2 provides a formal set of requirements for implementing a Business Continuity
BS 25999-2 was important, as it was the first standard for Business Continuity that an organization could actually be audited against. A company could thus say it that it was BS 25999 compliant, rather like it might say its quality standards were ISO 9000 compliant.
BS 25999-2 was replaced by International Standard ISO 22301:2012, Societal Security — Business Continuity Management Systems — Requirements.
You are welcome to use these definitions for any purpose provided that an acknowledgement is made
to www.RiskyThinking.com and (if you're using HTML) you provide a link back to this site.
If you are an industry professional, consider subscribing to the free
Risky Thinking Newsletter for articles, insights,
and commentary on risk, business continuity, and security. It's low volume: we don't send
out the newsletter unless there is something interesting to say!