Business continuity: strategic guidance for NHS health boards

Section 6: Glossary

Audit

A systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled

Source: ISO 22301:2019

Business Continuity (BC)

The capability of the organisation to continue delivery of products or services at acceptable predefined levels following disruptive incident.

Source: ISO 22301:2019

Business Continuity Management (BCM)

A holistic management process that identifies potential threats to an organisation and the impacts to business operations those threats, if realised, might cause, and which provides a framework for building organisational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.

Source: ISO 22301:2019

Business Continuity Plan (BCP)

Documented procedures that guide organisations to respond, recover, resume, and restore to a predefined level of operation following disruption.

Source: ISO 22301:2019

Business Impact Analyses (BIA)

The process of analysing activities and the effect that a business disruption might have upon them.

Source: ISO 22301:2019

Cabinet Office Civil Contingencies Secretariat (CCS)

Executive department of the UK Cabinet Office responsible for emergency planning in the UK

Source: UK Government

Competence

The ability to apply knowledge and skills to achieve intended results.

Source: ISO 22301:2019

Crisis

A situation with a high level of uncertainty that disrupts the core activities and/or the credibility of an organisation and requires urgent action.

Source: ISO 22301:2019

Exercise

The process to train for, assess, practice, and improve performance in an organisation.

Source: ISO 22301:2019

Health EPRR

Health Emergency Preparedness, Resilience and Response Division, part of Health and Social Care Directorate

Source: Scottish Government

Implementation (PP5)

Implementation is the Professional Practice within the business continuity management lifecycle that implements the solutions agreed in the design stage. It also includes developing the business continuity plans and a response structure.

Source: Good Practice Guidelines (GPG) Edition 7.0 | BCI (thebci.org) GPG 2018

Incident

A situation that might be, or could lead to, a disruption, loss, emergency or crisis.

Source: ISO 22301:2019

Organisation

The person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives.

Source: ISO 22301:2019

Organisational Resilience

The ability of an organisation to absorb and adapt in a changing environment.

Source: ISO 22316:2017

Policy

The business continuity policy provides the intentions and direction of an organisation as formally expressed by its top management.

Source: ISO 22301:2019

Process

A set of interrelated or interacting activities which transforms inputs into outputs.

Source: ISO 22301:2019

Resources

All assets, people, skills, information, technology (including plant and equipment), premises, and supplies and information (whether electronic or not) that an organisation has to have available to use, when needed, in order to operate and meet its objectives.

Source: ISO 22301:2019

Risk

The effect of uncertainty on objectives

Source: ISO/IEC Guide 73

Risk Assessment

The overall process of risk identification, risk analysis and risk evaluation.

Source: ISO/IEC Guide 73

Risk Management

Coordinated activities to direct and control an organisation with regard to risk.

Source: ISO/IEC Guide 73

Senior management

A person or group of people who directs and controls an organisation at the highest level.

Source: ISO 22301:2019

Test

An exercise whose aim is to obtain an expected, measurable pass/fail outcome.

Source: ISO 22301:2019

Threat

A potential cause of an unwanted incident, which can result in harm to individuals, the environment or the community.

Source: ISO 22301:2019

Sources correct as of October 2023