ENISA report on business and IT service continuity provides global perspective on emerging and existing standards

The European Network and Information Security Agency (ENISA) issued a report today bringing together business and IT service continuity best practice, methods and tools to enhance organisations’ capability for dealing with network and information security (NIS) threats.

ENISA said: ‘Firms are provided a single point from which they can assess how to implement business continuity management within their organisations. This will enable them to identify potential NIS risks to critical business processes and the infrastructure needed to restore and keep them running. While the UK, USA, Canada, Australia, New Zealand and Singapore continue to be innovators in this field, ENISA found little information on current practices in Central Europe. The report therefore equips other countries with knowledge about best practice from around the world and encourages the take-up of state-of-the-art solutions.’

There are a number of emerging, and overlapping, business continuity standards. ENISA said the report utilises the knowledge of these various methods and tools, represents them on an overview process diagramme and compares them to enable organisations to understand which approach and infrastructure best suits their needs. In an effort to overcome the lack of common language across the different standards, the Agency has also produced a glossary which cross references different terms with similar elements.

“In addition to being better prepared in the event of a crisis, business continuity has financial benefits.


ENISA executive director Andrea Pirotti explained the integral role business continuity plays in good management practice and corporate governance: “Disruptive incidents, such as malicious IT attacks or even a simple loss of critical data, call into question an organisation’s ability to continue to provide its key services. Business needs tools to mitigate risk and having an NIS business continuity plan is one step in the right direction.”

ENISA added: ‘In addition to being better prepared in the event of a crisis, business continuity has financial benefits. For example, many insurance companies offer discounts to firms with risk assessment and management plans while investors are more attracted to companies able to curb NIS risks.’