In order to meet the never-ending changes in, for example, risks and dependencies there can be a need to focus on the protection of vital societal/business functions and critical infrastructure. And to perform the work in a continuous process that is developed and updated in line with alterations to business/society and its challenges.
Work with risk management, business continuity management and the managing of events are all connected and supplement each other in the context of systematic security management and the framework includes:
- Risk management.
- Business continuity management.
- Managing events/incidents/crisis.
Risk management includes identifying, processing, evaluating, managing and controlling risks, for example, in the context of RVA and/ or Risk Management Standard ISO 31000.
Business continuity management in accordance with the standard ISO 22301.
Planning for the managing of various events, ranging from incidents to crisis (for example according to the standard ISO 22320).