Business Continuity Management Consultant

Job Description

• Conduct a thorough analysis of the current business continuity and risk management practices. Identify gaps and areas for improvement relative to ISO 22301 and ISO 31000 standards and other related standards and best practices
• Create a scalable and adaptable business continuity and risk management framework. Ensure the framework supports all critical business functions and complies with international standards.
• Identify and engage internal and external stakeholders. Develop communication plans to keep stakeholders informed and involved.
• Develop or revise policies and procedures that support risk management and business continuity goals according to ISO 22301 and ISO 31000.
• Design and deliver training programs for staff at all levels to ensure they understand their roles in risk management and business continuity.
• Plan and conduct tests to validate the effectiveness of the business continuity plans and risk response strategies.
• Carry out comprehensive risk assessments to identify potential threats to business operations. Utilize risk assessment tools aligned with ISO 31000 guidelines.
• Perform BIAs to determine and prioritize the critical business functions that will require recovery strategies
• Develop strategies to mitigate identified risks, including transfer, avoidance, reduction, and acceptance
• Build actionable plans for response and recovery. Plans should detail step-by-step processes for various scenarios.
• Ensure that business continuity plans are integrated with internal processes and IT systems to enable swift and coordinated response to incidents
• Establish mechanisms for updating and refining business continuity and risk management plans as the organization changes and grows.
• Define and track key performance indicators (KPIs) related to risk management and business continuity readiness.
• Regularly schedule audits to ensure compliance with ISO 22301 and ISO 31000 and to identify areas for improvement.
• Maintain comprehensive documentation for all processes, assessments, plans, and tests conducted
• Develop and maintain a crisis communication plan that includes contact lists, templates, and protocols for communicating with internal and external stakeholders during a disruption.
• Regularly verify that the business continuity and risk management practices meet all legal, regulatory, and standard requirements.
• Guide the organization through the process of obtaining ISO 22301 and ISO 31000 certification, if desired.

Qualifications

Certificates:

• ISO22301 Lead Implanter or auditor
• ISO31000 Manager
• CBCI CRISC

n