Tel No. (+91) 98440 42424

Business Continuity Management System (BCMS)

Welcome to SMCPL

The business continuity planning (BCP) is the creation of a strategy through the recognition of threats and risks facing a company, with an eye to ensure that personnel and assets are protected and able to function in the event of a disaster.

An organisation achieving ISO 22301 certification implies it has recovery and restoration capability for each outage scenario, be it technology, site, vendor, people/skill or any other dependency. We have a 7 phase approach that starts with understanding your business and continuity objectives. This is followed by Business Impact Analysis (BIA), and Risk Assessment (RA) to determine your minimum business continuity objectives.

Each of our ISO 22301 consulting assignment involves transfer of knowledge, skills, documented plans, and testing of each of those plans. We create two layer plans that includes restoration of minimum as well as full restoration.

We have implemented ISO 22301 for large Telecoms covering multiple locations, Financial Institutions, and Insurance Companies. Each of them are successfully ISO 22301 certified.

What makes us unique is our involvement in the engagement that ensures your business is capable of successful recovery. Our methodologies of understanding a business, business impact analysis, risk assessment, continuity strategies (focus on outage rather than events), individual restoration plans, Disaster Recovery Plans, rigorous testing, and zero defect ISO 22301 certification - each of these features contribute to a better return of your business continuity investment.

Our approach

We bring our world-class experience in delivery BCMS ISO 22301 implementation leading to successful certification.

Phase I

Understanding business objectives & business continuity objectives.

Phase II

Business impact analysis (BIA) and risk assessment.

Phase III

Management Strategy for recovery

Phase IV

Documenting and communication individual plans.

Phase V

Testing each of the Individual Plans.

Phase VI

Internal Audit.

Phase VII

ISO 22301 certification audit has two stages:   Stage 1 - Documentation Audit, and, Stage 2 - implementation verification

Over all BCMS Plan and Implementation


SMCPL monitors changes in SMCPL’s Business Environment that may affect our business continuity. The monitoring targets are factors that may cause possible business disruptions.
SMCPL performs periodic assessments (at least annually) of various risks that may lead to business disruptions. The risks are identified through research and information gathered from various sources.
SMCPL performs periodic BIAs; SMCPL estimates the Business Impact of an outage of critical processes and implements appropriate actions to manage risks. Through qualitative/quantitative analysis of impacts that affect our business, MTPD, RTO, and MBCO are determined and resources required for recovery are identified.
MTPD is the maximum level of timeframe that company can tolerate in the event of disruption. In order to estimate the impact from disruption, SMCPL has taken major financial factors into account and determined MTPDs per each unit processes.
The target time period to recover the critical processes of the company; SMCPL has determined the objective time period within tolerable amount of impact and losses through quantitative/qualitative assessments.
MBCO is set by senior management, which is the minimum business continuity level (based on production capacity) within recovery time objective. BCP strategy and resources are formulated to achieve this objective.


SMCPL sets BCP strategies necessary for business recovery based on the processes and resources identified during the ‘Analysis (Risk Assessment & Business Impact Analysis)’ phase. BCP strategies include equipment/utility recovery, procurement, human resource management, back-up workspace, and etc..


The Business Continuity Plans of SMCPL are defined into three tiers – Corporate/Site/Team (Department) Levels. Each plans specify pre-defined procedures describing immediate responses and recoveries to react upon business disruptions caused by accidents/disasters. Each plans are periodically updated based on the results of internal review, test, and exercise results.
Corporate level plan refers to Business Continuity Management System (BCMS) policy and procedures that provide principles and standards on Business Continuity Management System (BCMS), organization, activities and execution.
Site level plans define roles, responsibilities, and recovery procedures that the command center and each recovery units should act upon.
Team (Department) level plans define roles, responsibilities, and recovery procedures that each teams under recovery units should act upon.


Each teams at SMCPL has designated plan owners who review and test their plans to inspect the effectiveness, appropriateness, and efficiency of each plans.
Exercises are periodically performed to test the plans, encourage business continuity culture, and to fix clear roles and responsibilities of individuals under disasters/accidents. Through exercises, each teams (departments) and individuals familiarize with the procedures defined in the plans, and test the effectiveness to improve the plans.
The results of tests and exercises are escalated up to senior management for final review to ensure Business Continuity management and the plans are sound, and continuously updated.