Practitioner Certificate in Business Continuity Management

Transcription

1 Practitioner Certificate in Business Continuity Management Version 2.0 March 2011

2 Introduction This document is the syllabus for the ISEB Practitioner Certificate in Business Continuity Management, as administered by the Information Systems Examination Board (ISEB). This Certificate is intended for, but not limited to, those who are involved in the areas of information security and information assurance. The qualification contains a number of practical sessions, designed to build on the taught components of the module, and to encourage debate and the sharing of knowledge and experience between students. The timings of each section are intended as a guide for Training Providers. The qualification promotes a hands-on approach to Business Continuity Management, making use of current standards, enabling students to make immediate use of the module on their return to their organisations. Objectives of the Business Continuity Module On completion of this module, delegates will have a detailed understanding of: The function of and the need for Business Continuity Management within an organisation The Business Continuity Management Life-cycle The main components of a Business Continuity Management programme The need for Risk Assessment within Business Continuity Management The options for development of a Business Continuity Management strategy How to prepare and develop plans for Business Continuity Management response The need for exercising, maintenance and review of plans The need for embedding Business Continuity Management awareness within the organisation The module includes a number of practical examples of business continuity management techniques. Training Providers may include additional exercises where they believe these add value to the training course. Entry Criteria There are no formal entry requirements but candidates will require an understanding of information assurance. It is recommended that candidates attend an accredited training course. The Examination A three hour scenario based written examination consisting of: Part A: Part B: Part C: 10 multiple choice questions. (1 mark each) - answer all questions. 6 Compulsory short narrative questions. (5 marks each) - answer all questions. 3 Compulsory essay style questions. (20 marks each). Copyright BCS 2011 Page 2 of 21

3 Notice to Training Providers Each major subject heading in the syllabus is assigned an allocated time. The purpose of this is to give both guidance on the relative proportion of time to be allocated to each section of an accredited course and an approximate minimum time for the teaching of each section. Training Providers may spend more time than is indicated and candidates may spend more time again in reading and research. The total time specified in this syllabus is 36 hours of lecture and practical work. The course may be delivered as a series of modules with gaps between them, as long as it meets all other constraints. Courses do not have to follow the same order as the syllabus. The syllabus contains references to established standards. The use of referenced standards in the preparation of training material is mandatory. Each standard used must be the version quoted in the current version of this syllabus. Change History Version 1.1 January 2010 Added in Classroom Size and Trainer Qualification Criteria. Introduced Knowledge and Skills and Learning Levels. Changed pass rate to 65% for Section A and B (was just Section 1). Minor amendments to Section 4.5 & 4.6 and Section 8. Reformatted with the BCS branding. Copyright BCS 2011 Page 3 of 22

4 Contents Syllabus Content Introduction to Business Continuity Management 2 hours The need for Business Continuity Management The context of Business Continuity Management in the business Review of Risk Management Fundamentals The Business Continuity Lifecycle Business Continuity Programme Management 2 hours Governance Implementation Reporting Involvement of Third Parties Documentation Understanding the Organisation 11 hours Identification of Mission Critical Impact Areas Business Impact Analysis Horizon Scanning Continuity Requirements Risk Assessment Evaluation of Options Business Cases and Programme Sign-Off Determining the Business Continuity strategy 8 hours Strategic Options People Premises Processes and Procedures Technology Information Supply Chain Stakeholders Civil Emergencies Business Continuity Response 6 hours Overall Business Continuity Response Structure Types of Plan Incident Management Plans Business Continuity Plans Disaster Recovery Plans Business Resumption Plans Exercising, maintenance and review 3 hours Exercising and Testing of Plans Maintenance of Plans Review of Plans...16 Copyright BCS 2011 Page 4 of 22

5 7. Embedding Business Continuity Awareness in the Organisation 4 hours Overall Awareness Skills Training Annexes Glossary of Terms and Definitions References Additional Information...17 Levels of Skill and Responsibility...18 Levels of Knowledge...20 Format of the Examination...21 Trainer Qualification Criteria...21 Class Room Size...21 Copyright BCS 2011 Page 5 of 22

6 Syllabus Content 1. Introduction to Business Continuity Management 2 hours This section of the module provides a basic introduction to the discipline of Business Continuity Management, describes how it should fit in with the overall strategy of a business, and provides a brief overview of risk management. 1.1 The need for Business Continuity Management Explain: When Business Continuity Management should be used Why Business Continuity Management is used and the regulatory framework and good business practices which underpin Business Continuity Management How the whole organisation can make use of Business Continuity Management The use of Business Continuity Management standards, (see section 8) or other relevant international standards 1.2 The context of Business Continuity Management in the business Explain: Why businesses should take account of Business Continuity Management The business benefits of Business Continuity Management The consequences of no Business Continuity Management 1.3 Review of Risk Management Fundamentals Describe: The concept of vulnerabilities The concepts of threats and hazards The basic principles of Business Impact Analyses The basic principles of Risk Assessment The concept of risk matrices The concepts of risk acceptance, avoidance, transfer and reduction 1.4 The Business Continuity Lifecycle Outline the overall concept of the Business Continuity lifecycle Describe: The need for understanding the organisation The need for determining a Business Continuity strategy The need for determining the Business Continuity response The process for testing, exercising, maintenance and review The importance of embedding a Business Continuity culture into the organisation Copyright BCS 2011 Page 6 of 22

7 2. Business Continuity Programme Management 2 hours This section of the module describes key areas of the overall Business Continuity Management programme. 2.1 Governance Describe the need for: Accountability for the overall Business Continuity programme Delegated responsibility for implementation of the individual components of the Business Continuity programme An over-arching Business Continuity programme plan 2.2 Implementation Explain: The need for communication of the Business Continuity programme to stakeholders The requirement for training of key staff involved in the Business Continuity programme, and the types of training which may be required The need for review, testing and exercising of Business Continuity capability The advantages of using a formal project management methodology for the Business Continuity programme 2.3 Reporting Explain the benefits of and the need for formal reporting of: The Business Continuity programme The Business Continuity capability 2.4 Involvement of Third Parties Explain: The need for establishing the Business Continuity capability of key suppliers How the information gained from the Business Continuity programme can assist the work of insurance loss adjusters How evidence must be preserved, collected and used in cases where criminal damage has caused a business interruption Copyright BCS 2011 Page 7 of 22

8 2.5 Documentation Explain the requirements for the proper documentation of: An agreed Business Continuity Management policy Terms of reference for the Business Continuity Management programme Business Impact Analyses Risk Assessments Business Continuity strategies A Business Continuity training and awareness programme Incident Management, Business Continuity and both Technical Recovery and Business Recovery plans (return to normal operations) A Business Continuity testing and exercise schedule Business Continuity Service Level Agreements and contracts The need for secure off-site /dual site storage of vital information and materials 3. Understanding the Organisation 11 hours This section of the module describes how the Business Continuity Manager sets about understanding the organisation and initiates the overall Business Continuity Management programme. 3.1 Identification of Mission Critical Impact Areas Explain the approach for identifying mission-critical areas of the business by: Department, e.g. Sales & Marketing, Finance, Production, Human Resources Product or service, e.g. mainstream versus legacy products Support capability, e.g. supply chain, energy, distribution 3.2 Business Impact Analysis Explain the process for arriving at a quantitative or qualitative Business Impact Analysis in terms of: Direct financial impact, e.g. revenue streams, cashflow, litigation Indirect financial loss, e.g. Brand, Share value, Customer confidence Other impact, e.g. Legal & Regulatory Discuss the topic of Business Interruption Costs (group discussion) Carry out a high-level Business Impact Analysis (practical work) 3.3 Horizon Scanning Explain the advantages of horizon scanning to identify early warnings of potential: Threats, e.g. Virus and Denial of Service (DoS) attacks, disaffected staff Hazards, e.g. severe weather, pandemics Copyright BCS 2011 Page 8 of 22

9 3.4 Continuity Requirements Explain how a Business Continuity plan must take into account: Staff Premises Supporting technology Information External services and supplies Produce a high-level statement of continuity requirements for one of the above (practical work) 3.5 Risk Assessment Explain the process of Risk Assessment, taking into account the following factors: Threats and hazards, including environmental, people (e.g. pandemic, industrial action), premises, process, supply chain, customer and technical issues, fire, natural hazards (e.g. flood, severe weather), deliberate and accidental releases of toxic chemicals Vulnerabilities Likelihood or probability Levels of impact (from section 3.2) Proximity of risk Single points of failure in both systems and people (succession planning) Carry out a high-level risk assessment (practical work) 3.6 Evaluation of Options Explain how each risk can be categorised in terms of: Acceptance Avoidance Transfer Reduction Describe the need for a cost / benefit analysis where the costs of controls are similar to the potential losses 3.7 Business Cases and Programme Sign-Off Describe the key components of a business case: Management summary Impact statement (Business Impact Analysis) Risk Assessment Options and recommendations Supporting material, including costs and timescales Describe the requirement for formal presentation of a business case and the need for approval and sign-off by senior management Copyright BCS 2011 Page 9 of 22

10 4. Determining the Business Continuity strategy 8 hours This section of the module describes how the organisation develops an overall Business Continuity strategy. 4.1 Strategic Options Outline: The concept of the maximum tolerable period of disruption of a mission-critical activity The concept of costs versus benefits in the implementation of Business Continuity strategies The possible consequences of inaction (refer back to section 3.2 on Business Impact Analysis) The advantages of emergency packs The need for accurate inventories of assets The need to take local, regional, national and industry sector legislation into account 4.2 People Explain: The benefits of multi-skill training of both permanent and contract staff The benefits of the physical separation of staff with core skills The advantages (and disadvantages) of using third party staff The need for succession planning The need for knowledge retention and management Types of team, including response, recovery, public relations, welfare The need for staff welfare arrangements during and following an incident, including stress and trauma counselling 4.3 Premises Explain: The benefits of using alternative premises owned by the organisation and those of other organisations and third-parties The benefits of home or tele-working and those of working from remote premises The benefits of moving workload to existing alternative premises 4.4 Processes and Procedures Explain: The need to document and store the way in which mission-critical processes and procedures are carried out Understanding the legal implications, including consequential loss, legal action and third party losses Copyright BCS 2011 Page 10 of 22

11 4.5 Technology Explain: How the geographical separation of technology solutions improves resilience How previously-used equipment can be retained for disaster recovery purposes How lead times must be taken into account in planning technology recovery The meaning of Maximum Tolerable Period of Disruption (MTPoD) The importance of Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) and the relationship between MTPoD and RPO The impact of distance between main and standby premises Remote access considerations The use of hot, warm and cold sites, both manned and unmanned or dark sites The need for careful provisioning of telecommunications facilities The differences between resilience, redundancy and separacy The various mechanisms for achieving failover to standby premises The importance of considering connectivity to third parties Links with information security strategies Discuss the options for technology recovery of an organisation (group discussion) [training provider to suggest a suitable scenario] 4.6 Information Review the need for and importance of: Confidentiality Integrity Availability Authentication Non-repudiation Describe the concept of currency of information Describe the various methods of information storage Explain the need for efficient backup, off-site storage and retrieval of information, bearing in mind the RTO and RPO discussed in Supply Chain Discuss: The advantages of storing supplies and materials at alternative locations The benefits of supplier arrangements which allow short-notice ordering and delivery and the service level agreements which underpin these The diversion of just-in-time deliveries to alternative locations The transfer of operations to those locations having supplies and materials Identification of alternative supplier, materials and suppliers The advantages of sourcing suppliers and materials from multiple suppliers Ensuring that key suppliers have appropriate levels of business continuity themselves Copyright BCS 2011 Page 11 of 22

12 4.8 Stakeholders Explain the requirement to take into consideration the relationship with key stakeholders: Parent organisations Shareholders Customers Suppliers Business partners Contractors Industry regulators where applicable 4.9 Civil Emergencies Explain: The need for an awareness of civil contingency requirements The possible need for the production, maintenance and testing of on-site or off-site emergency plans The need for warning and informing staff about civil emergencies which might affect them The need for an awareness of the ongoing recovery arrangements following a civil emergency The integration and inter-dependency of organisational plans and those of other emergency responders 5. Business Continuity Response 6 hours This section of the module describes how the organisation develops and implements the Business Continuity response. 5.1 Overall Business Continuity Response Structure Describe how the organisation should form a response structure which will permit the organisation to: Confirm the nature and extent of the incident Take control of the situation and determine the most appropriate response Contain and manage the incident Communicate with internal and external stakeholders Copyright BCS 2011 Page 12 of 22

13 5.2 Types of Plan Describe the various types of plan, including: Incident response and management plans Business Continuity plans, including technical and business plans and individual employee instructions Disaster Recovery plans Business resumption (back-to-normal) plans The generic content of plans, e.g. purpose and scope; roles and responsibilities; invocation process; contact details; plan version history, revision date and ownership; references Involvement of key departments of the organisation in verifying the suitability of plans Links and inter-dependencies between departmental and organisational plans The involvement of third parties in disaster recovery and business continuity plans The use of service level and contingency agreements to activate disaster recovery and business continuity plans The advantages of disaster recovery companies and their services The need for off-site storage of plans, including multiple media types The advantages of a pre-equipped emergency operations centre Planning for renewal of staff resources during incident response and the effects of stress on individual members of response teams Planning for escalation of issues requiring senior management decisions The need to consider different durations of disruption 5.3 Incident Management Plans Describe the contents of an incident management plan over and above those found in 5.2.5: Task and action lists Emergency contact details; details of the incident management location Activities, including people, process and technology Communications, including internal, media, emergency responders (e.g. Blue Light services), voluntary services and stakeholders Annexes, including photographs, maps and charts; third party response documentation; site access information; insurance claim procedures Copyright BCS 2011 Page 13 of 22

14 5.4 Business Continuity Plans Describe the contents of a business continuity plan over and above those found in 5.2.5: Task and action lists, including invocation procedures; locations of key people and resources; procedures for disaster recovery and alternative working Resource requirements, including people, premises, processes and procedures, technology, information, supply chain and stakeholders Person(s) responsible for the management of the response and recovery operations Checklists, forms and annexes, including activity log forms Prepare a high-level business continuity plan (practical work) [training provider to suggest a suitable scenario] 5.5 Disaster Recovery Plans Describe the contents of a disaster recovery plan over and above those found in 5.2.5: Task and action lists Emergency contact details; details of the incident management location Activities, including people, process and technology Communications, including internal and stakeholders Annexes, including details of third party contacts and invocation procedures, site access information 5.6 Business Resumption Plans Describe the contents of a disaster recovery plan over and above those found in 5.2.5: Task and action lists Ownership and management of the business resumption process High-level options for longer-term replacement of key staff, premises, systems, services, equipment and machinery Salvage and recovery of assets from premises affected by an incident Insurance claims for assets lost or destroyed by an incident Communications, including internal and stakeholders The subsequent impact of an incident on cashflow, staff, customers, insurance premiums Copyright BCS 2011 Page 14 of 22

15 6. Exercising, maintenance and review 3 hours This section of the module describes the overall Business Continuity exercising, maintenance and review programme. 6.1 Exercising and Testing of Plans Explain the concept of business continuity exercising, maintenance and review: Types of test and exercise, including communications, documentation walkthrough; table-top simulation; partial test (stopping short of actual fail-over); full failover test; building evacuation / redeployment test Forward planning of tests and exercises Post-exercise reviews and audit Programme of remedial work to implement improvements raised by a postexercise review or audit Training and education programme for staff already involved in the business continuity programme and for new staff who will be involved The need to decide when to test or exercise plans during normal working hours, out of normal working hours, tests and exercises which overlap two or more changes of staff (e.g. shift changes) The need for change control of plans Prepare a schedule of tests adding complexity over a defined time period covering the disaster recovery and business continuity plans for an organisation (practical work) [training provider to suggest a suitable scenario] 6.2 Maintenance of Plans Explain the need for and frequency of regular updates to the plans for: Names of key individuals Contact details Photographs, maps and charts Third party response documentation Site access information Insurance claim procedures Communication procedures Links into the organisation s development and/or change management process Copyright BCS 2011 Page 15 of 22

16 6.3 Review of Plans Explain the need for and frequency of regular reviews of: Mission-critical activities Impact analyses Vulnerabilities Threats and hazards The overall business continuity strategy The organisation s risk appetite The organisation s business continuity capability The degree to which business continuity solutions remain appropriate The progress of testing, exercising and training Independent audit of business continuity plans 7. Embedding Business Continuity Awareness in the Organisation 4 hours This section of the module describes how Business Continuity awareness should be embedded into the organisation 7.1 Overall Awareness Describe how business continuity awareness can be achieved through: Consultation with key departments within the organisation Articles on business continuity within the organisation s newsletters, briefings, intranet pages and through the organisation s induction programme Business continuity management workshops which examine lessons learnt from real-life internal and external incidents Inclusion in team meeting and project meeting agenda Involvement of deputising staff in tests and exercises Structured advice to all staff on what to do or where to report in the event of an incident Prepare a high-level business continuity awareness campaign (practical work) [training provider to suggest a suitable scenario] 7.2 Skills Training Explain the need for and benefits of training of key staff for: Business continuity programme management Business Impact Analyses and Risk Assessments Developing and implementing business continuity plans Taking part in and/or running business continuity tests and exercises Communications with the media Copyright BCS 2011 Page 16 of 22

17 8. Annexes This section of the module describes the overall Business Continuity Management programme 8.1 Glossary of Terms and Definitions Refer to Glossary of Terms from BS : References BS EN ISO 9000, Quality management systems Fundamentals and vocabulary BS ISO/IEC (both parts), Information technology Service management BS ISO/IEC 27001, Information technology Security techniques Information security management systems Requirements PAS77, IT Service Continuity management The Business Continuity Institute Good Practice Guidelines 2010 Global Edition A Management Guide to Implementing Global Good Practice in Business Continuity Management. The Business Continuity Institute, BS :2006 Business continuity management. Code of practice BS :2007 Business continuity management. Specification 8.3 Additional Information This course will provide candidates with the levels of knowledge highlighted within the following table, enabling them to develop the skills to operate at the levels of responsibility indicated. The levels of knowledge, skill and responsibility are explained in the following text: Level Levels of knowledge Levels of skill and responsibility 7 Set strategy, inspire and mobilise 6 Evaluate Initiate and influence 5 Synthesise Ensure and advise 4 Analyse Enable 3 Apply Apply 2 Understand Assist 1 Remember Follow Copyright BCS 2011 Page 17 of 22

18 Levels of Skill and Responsibility The levels of knowledge above will enable candidates to develop the following levels of skill to be able to operate at the following levels of responsibility (as defined within the SFIA framework) within their workplace: Level 1: Follow Work under close supervision to perform routine activities in a structured environment. They will require assistance in resolving unexpected problems, but will be able to demonstrate an organised approach to work and learn new skills and applies newly acquired knowledge. Level 2: Assist Works under routine supervision and uses minor discretion in resolving problems or enquiries. Works without frequent reference to others and may have influence within their own domain. They are able to perform a range of varied work activities in a variety of structured environments and can identify and negotiate their own development opportunities. They can also monitor their own work within short time horizons and absorb technical information when it is presented systematically and apply it effectively. Level 3: Apply Works under general supervision and uses discretion in identifying and resolving complex problems and assignments. They usually require specific instructions with their work being reviewed at frequent milestones, but can determines when issues should be escalated to a higher level. Interacts with and influences department/project team members. In a predictable and structured environment they may supervise others. They can perform a broad range of work, sometimes complex and non-routine, in a variety of environments. They understand and use appropriate methods, tools and applications and can demonstrate an analytical and systematic approach to problem solving. They can take the initiative in identifying and negotiating appropriate development opportunities and demonstrate effective communication skills, sometimes planning, scheduling and monitoring their own work. They can absorb and apply technical information, works to required standards and understand and uses appropriate methods, tools and applications. Level 4: Enable Works under general direction within clear framework of accountability and can exercise substantial personal responsibility and autonomy. They can plan their own work to meet given objectives and processes and can influence their team and specialist peers internally. They can have some responsibility for the work of others and for the allocation of resources. They can make decisions which influence the success of projects and team objectives and perform a broad range of complex technical or professional work activities, in a variety of contexts. They are capable of selecting appropriately from applicable standards, methods, tools and applications and demonstrate an analytical and systematic approach to problem solving, communicating fluently orally and in writing, and can present complex technical information to both technical and non-technical audiences. They plan, schedule and monitor their work to meet time and quality targets and in accordance with relevant legislation and procedures, rapidly absorbing new technical information and applying it effectively. They have a good appreciation of the wider field of information systems, their use in relevant employment areas and how they relate to the business activities of the employer or client. Copyright BCS 2011 Page 18 of 22

19 Level 5: Ensure and advise Works under broad direction, being fully accountable for their own technical work and/or project/supervisory responsibilities, receiving assignments in the form of objectives. Their work is often self-initiated and they can establish their own milestones, team objectives, and delegates responsibilities. They have significant responsibility for the work of others and for the allocation of resources, making decisions which impact on the success of assigned projects i.e. results, deadlines and budget. They can also develop business relationships with customers, perform a challenging range and variety of complex technical or professional work activities and undertake work which requires the application of fundamental principles in a wide and often unpredictable range of contexts. They can advise on the available standards, methods, tools and applications relevant to own specialism and can make correct choices from alternatives. They can also analyse, diagnose, design, plan, execute and evaluate work to time, cost and quality targets, communicating effectively, formally and informally, with colleagues, subordinates and customers. They can demonstrate leadership, mentor more junior colleagues and take the initiative in keeping their skills up to date. Takes customer requirements into account and demonstrates creativity and innovation in applying solutions for the benefit of the customer. Level 6: Initiate and influence Have a defined authority and responsibility for a significant area of work, including technical, financial and quality aspects. They can establish organisational objectives and delegates responsibilities, being accountable for actions and decisions taken by them self and their subordinates. They can influence policy formation within their own specialism to business objectives, influencing a significant part of their own organisation and customers/suppliers and the industry at senior management level. They make decisions which impact the work of employing organisations, achievement of organisational objectives and financial performance, developing high-level relationships with customers, suppliers and industry leaders. They can perform highly complex work activities covering technical, financial and quality aspects. They contribute to the formulation of IT strategy, creatively applying a wide range of technical and/or management principles. They absorb complex technical information and communicate effectively at all levels to both technical and non-technical audiences, assesses and evaluates risk and understand the implications of new technologies. They demonstrate clear leadership and the ability to influence and persuade others, with a broad understanding of all aspects of IT and deep understanding of their own specialism(s). They take the initiative in keeping both their own and subordinates' skills up to date and to maintain an awareness of developments in the IT industry. Level 7: Set strategy, inspire and mobilise Have the authority and responsibility for all aspects of a significant area of work, including policy formation and application. They are fully accountable for actions taken and decisions made, by both them self and their subordinates. They make decisions critical to organisational success and influence developments within the IT industry at the highest levels, advancing the knowledge and/or exploitation of IT within one or more organisations. They develop long-term strategic relationships with customers and industry leaders, leading on the formulation and application of strategy. They apply the highest level of management and leadership skills, having a deep understanding of the IT industry and the implications of emerging technologies for the wider business environment. They have a full range of strategic management and leadership skills and can understand, explain and present complex technical ideas to both technical and non-technical audiences at all levels up to the Copyright BCS 2011 Page 19 of 22

20 highest in a persuasive and convincing manner. They have a broad and deep IT knowledge coupled with equivalent knowledge of the activities of those businesses and other organisations that use and exploit IT. Communicates the potential impact of emerging technologies on organisations and individuals and analyses the risks of using or not using such technologies. They also assess the impact of legislation, and actively promote compliance. Levels of Knowledge The following levels of knowledge shall be defined and applied for syllabus creation. Each topic in the syllabus shall be examined according to the learning objectives defined in the section devoted to that topic. Each learning objective has a level of knowledge (K level) associated with it and this K level by association defines the nature of any examination questions related to that topic. Note that each K level subsumes lower levels. For example, a K4 level topic is one for which a candidate must be able to analyse a situation and extract relevant information. A question on a K4 topic could be at any level up to and including K4. As an example, a scenario requiring a candidate to analyse a scenario and select the best risk identification method would be at K4, but questions could also be asked about this topic at K3 and a question at K3 for this topic might require a candidate to apply one of the risk identification methods to a situation. Level 1: Remember (K1) The candidate should be able to recognise, remember and recall a term or concept but not necessarily be able to use or explain. Typical questions would use: define, duplicate, list, memorise, recall, repeat, reproduce, state. Level 2: Understand (K2) The candidate should be able to explain a topic or classify information or make comparisons. The candidate should be able to explain ideas or concepts. Typical questions would use: classify, describe, discuss, explain, identify, locate, recognise, report, select, translate, paraphrase. Level 3: Apply (K3) The candidate should be able apply a topic in a practical setting. The candidate should be able to use the information in a new way. Typical questions would use: choose, demonstrate, employ, illustrate, interpret, operate, schedule, sketch, solve, use, write. Level 4: Analyse (K4) The candidate should be able to distinguish/separate information related to a concept or technique into its constituent parts for better understanding, and can distinguish between facts and inferences. Typical questions would use: appraise, compare, contrast, criticise, differentiate, discriminate, distinguish, examiner, question, test. Copyright BCS 2011 Page 20 of 22

21 Level 5: Synthesise (K5) The candidate should be able to justify a decision and can identify and build patterns in facts and information related to a concept or technique, they can create new meaning or structure from parts of a concept. Typical questions would use: appraise, argue, defend, judge, select, support, value, evaluate. Level 6: Evaluate (K6) The candidate should be able to provide a new point of view and can judge the value of information and decide on its applicability in a given situation. Typical questions would use: assemble, contract, create, design, develop, formulate, write. Format of the Examination This syllabus has an accompanying examination at which the candidate must achieve a pass score to gain the ISEB Practitioner Certificate in Business Continuity Management. Type Duration Pre-requisites Supervised / Invigilated Closed Book Written Examination, 10 multiple choice questions, 6 short answer questions and 3 essay style questions (all compulsory). 3 hour examination. Candidates sitting the examination in a language other than their native language have an additional 30 minutes and are allowed the use of a paper dictionary. The dictionary will need to be checked by the invigilator prior to the examination None required. Yes No reading materials allowed into the examination room Pass Mark 65/100 (65%) (Candidates must achieve a combined result of at least 65% in Section A and B as well as an overall percentage of 65%) Distinction Mark Delivery Not applicable Paper based examination only via an ISEB Accredited Training Provider Trainer Qualification Criteria Criteria: Trainers must hold the ISEB Business Continuity Management Certificate Class Room Size Trainer to candidate ratio: 1:16 Copyright BCS 2011 Page 21 of 22