BS 25999

BS 25999 – Business continuity management

Published under Risk Management
Title: BS 25999-1:2006 - Business continuity management Part 1: Code of practice
Note: this is only part one of BS 25999, which was published in November 2006. Part two (which should contain more specific criteria with a view of possible accreditation) is yet to appear.
Source reference:
(Note: this is a reference to the BSI page where the standard can be acquired. However, the standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted).
Topic: Standard containing a business continuity code of practice.
Direct / indirect relevance Direct. The text is a direct code of practice for business continuity management.
Scope: Not publicly available BSI standard, which can be voluntarily implemented.
Legal force: Nonbinding BSI standard.
Affected sectors: Generic. The standard can be implemented in any sector confronted by business continuity requirements.
Relevant provision(s): The standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted.

The publicly available BSI abstract describes the standard as follows:

“BS 25999-1:2006 is a code of practice that takes the form of guidance and recommendations. It establishes the process, principles and terminology of business continuity management (BCM), providing a basis for understanding, developing and implementing business continuity within an organization and to provide confidence in business-to-business and business-to-customer dealings.”

Relevance to RM/RA: The standard is intended as a code of practice for business continuity management, and will be extended by a second part that should permit accreditation for adherence with the standard. Given its relative newness, the potential impact of the standard is difficult to assess, although it could be very influential to RM/RA practices, given the general lack of universally applicable standards in this regard and the increasing attention to business continuity and contingency planning in regulatory initiatives.

Application of this standard can be complemented by other norms, in particular PAS 77:2006 - IT Service Continuity Management Code of Practice (see


Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies