Part 2: RAR - Treatment and Control DR

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
BCM Planning Methodology RAR.jpg

Part 2: Treatment and Control

After identifying the list of threats faced by the organisation in the previous section, participants will then proceed to the Treatment and Control section

Threat (Col 2)

Part 2: Treatment and Control

The name of each threat identified in List of Threats.

  • BCM Coordinators are to ensure that all threats that have been highlighted in the previous section are represented here under the threat column.

Existing Risk Treatment (Col 3 to 6)

Existing Risk Treatment refers to the mitigating measures already put into place by the organization to handle recognized threats. 4 risk treatments are available to address the majority of the risks posed by threats

Existing Controls (Col 7)

  • Controls are instruments or practices that are used to manage risk. All controls fall within one of the above 4 treatment options and served as an elaboration of the existing risk treatments.
  • Existing Controls are "Controls" that are already implemented within your organization to manage the identified risk.
    • For example, if the fire is the threat, existing controls could include fire extinguishers, fire wardens, and an evacuation plan.

Additional Controls (Col 8)

  • Additional Controls are Controls that will be identified within the questionnaire.
    • In the example of fire again, an additional control could include setting up an alternate assembly area to congregate in the event of wet weather