September 6, 2012
NRI SecureTechnologies, Ltd.
Tokyo, Japan - September 6, 2012 - NRI SecureTechnologies Ltd. in Tokyo will start to provide a support service for obtaining ISO22301 certification, as of September 6, 2012, regarding "an evaluation system for checking adaptability to the Business Continuity Management System (BCMS) complying to ISO22301" which JIPDEC begins.
In response to the Great East Japan Earthquake, which occurred in March 11, 2011, the Japanese government has fundamentally reviewed prospective damage to be caused by the Tokyo Epicentral earthquake and/or Nankai Trough huge earthquakes at the Central Disaster Prevention Council in the Governmental Cabinet Office. Based on the reviews, the emerging challenges of public and private sectors include the formulation of a Business Continuity Plan or BCP to maintain operations with minimal damage, and the establishment of a BCMS system. In May 15, 2012, ISO22301*1, a global standard for BCMS systems, was officially issued, and a certification service based on ISO22301 began in August this year. Therefore, it is expected that creation of the BCMS system will be accelerated in the near future.
Obtaining ISO22301 certification is an effective way to encourage third parties to implement a BCMS system complying with global standards. If a BCMS system is not suitable for actual business operations, however, the work load for just an audit and for continuous improvement might be heavier.
Every department is becoming more dependent on information systems to implement business operations. To build a highly-effective BCMS system, it is crucial to address information security issues to protect important information and systems, including not only countermeasures to a wide range of disasters such as earthquakes and influenza epidemics but also preparation to counter cyber-attacks on a specific department, as well as data disappearing due to operational mistakes in the information systems.
NRI Secure Technologies has a general BCMS methodology preparing for wide area disasters, and furthermore, has supporting experience of obtaining public certification on information systems (ISO27001*2, an evaluation system for adaptability to information security management systems (ISMS), and JISQ15001*3, a certification system for privacy marks), as well as plenty of know-how on security countermeasure support to counter cyber-attacks and so on. The company supports building a highly-effective BCMS system, making use of evaluation models of risks for business continuity and business influence analysis in the new services based on the above-mentioned experience and know-how.
For clients aiming at obtaining certification, the new service covers diagnosis of current status to support after certification. You can select the best option from a wide variety of services, depending on your requirements.
| # | Service name | Service contents |
|---|---|---|
| 1 | BCMS Diagnosis | By implementing a diagnosis based on a benchmark of ISO22301, we identify problems at an initial stage of BCMS introduction. If you have already introduced a BCMS system, we evaluate maturity in terms of business continuity and identify improvement opportunities. |
| 2 | Support for building a BCMS system | We organize tasks essential for obtaining certification, and support to produce an implementation plan clarifying schedule and operation assignment.Also, we assist with progress management and the production of documents to be submitted to an auditor to obtain a certification. |
| 3 | Support for BCMS Audits | We assist with an internal audit plan - including formulation of the plan, implementation of the internal audit and report writing - for a regular internal audit, which is a requirement of ISO22301. |
| 4 | Support for BCMS training | We train responsible people in business continuity management and internal auditing, and assist with training of all people, and with practical aspect of business continuity. |
| 5 | Support for BCMS implementation | We support preparation for successive audits or regular audits after certification, as well as solution proposals, advice and solution execution for various problems in the BCMS implementation. |
NRI SecureTechnologies is targeting ten clients for the new support services in this fiscal year.
NRI SecureTechnologies, a leading provider of information security solutions, is one of the group companies of Nomura Research Institute, Ltd. Established in 2000, it examines information security at business corporations from the aspects of technology and business management and offers a one-stop service from consulting to solution implementation, training, management and surveillance.
http://www.nri-secure.co.jp/en/index.html
[Contact to the news release]
[Contact to the service]