Bussiness continuity management system at Kenya bureau of standards

Abstract

Societal Security - Business Continuity Management System (ISO 22301:2012) is the world‟s first international standard for Business Continuity Management, developed by the International Organization for Standardization (ISO) to specify requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise(ISO 22301:2012). International standards are considered to be the main drivers for many aspects of Business Continuity Management (BCM) practice (Ihab, Sawalha, & Anchor, 2012). The Kenya Bureau of Standards (KEBS), the National Standards Body, adopted this ISO standard as a Kenyan Standard to enable organizations in Kenya to assess their ability for business continuity after an incident. No study in Kenya has covered a holistic BCMS whose performance depends on the implementation of the requirements of the BCMS. The study focuses on three requirements which include leadership, context of organization and operational requirements. The general objective of the study was to evaluate the implementation of BCMS at KEBS. The research design employed in this study is descriptive in nature. The study focused on KEBS which represents a huge government corporation in terms of revenue and strategic importance based on standardization (in this case, management system standard). This study targeted 60 staff members at KEBS headquarters including the directorate, heads of departments, officers and nontechnical staff. Primary data was collected using self-administered questionnaires. The data collected is presented through use of summarized percentages, proportions and tabulations. The study reveals systems in place at KEBS to address Business Continuity (BC), top management commitment to the implementation of BCMS at KEBS and the operational requirements implemented at KEBS. The study concludes that the Kenya Bureau of Standards has partially implemented BCMS. Major challenges in full implementation of a BCMS include full top management commitment, and the absence of government interference and bureaucracy. The study recognizes that IT outages, data breach, cyber-attacks and business ethics incidents are major threats to BC at KEBS and recommends improvement on communication/ awareness of BCMS requirements to all staff and accommodation in regulations of the need for BCMS in Government organizations.