Survivability and Business Continuity Management System According to BS 25999

In this paper, a new model is presented for evaluating the performance of a business continuity management system according to BS 25999. This model is able to calculate the survivability ex-ante if the key performance indicator for the effectiveness exists. Performance is based fundamentally on the system´s business continuity plans and disaster recovery plans. Typically, the performance of these plans is evaluated by a number of specific exercises at various intervals and, in many cases, with a variety of targets. Furthermore, these specific exercises are rerun after a longer period (ges a year) and then often only partially. If a company is interested in taking performance measurements over a shorter period, obstacles and financial restrictions are often encountered. Furthermore, it is difficult for companies to give an ex-ante statement of their survival in the case of a disaster. Two key performance indicators are presented that allow the performance of a business continuity management system to be evaluated according to BS 25999. Using these key performance indicators, the probability of survival can be estimated before extreme events occur.