Business Continuity Management (BCM) ensures that companies identify and design critical business processes so that they can overcome emergency situations as soon as possible or even prevent them in advance.

As a management process, Business Continuity Management  tries to achieve identifying major risks that expose a threat to the organization’s survival and set counteractions at any early stage. To ensure their ability to function and survive, companies need to take preventive measures to create more robust, fail-safe business processes and enable fast, targeted reactions in the case of emergency or crisis. Business Continuity Management  provides a planned, organized approach to sustainably increase the robustness of essential or time-critical business processes, respond to damaging events accordingly, and return to business as usual as quickly as possible.

The goal of Business Continuity Management is to minimize temporary disruptions to important business processes or eliminate them entirely and secure the company’s economic existence in the case of major damaging events. This requires a holistic view of all factors to continue critical business processes, and not simply the resource of information technology, in case of a damaging event. IT service continuity management (ITSCM) is one component of Business Continuity Management.

GOLDENHORN ONEGRC supports all relevant steps along the entire Business Continuity Management  lifecycle:

  • Business impact analysis 
  • Identifying business-critical processes
  • Running damage analyses (categories and scenarios for damage and protection requirements)
  • Collecting restore parameters (e.g. max. tolerated downtime, max. tolerated data loss, recovery time and level)
  • Setting priorities and criticality
  • Collecting resources for normal and emergency operations
  • Defining criticality and the order for restarting resources
  • Creating BIA reports
  • Risk analysis (identification, evaluation, strategies, reporting)
  • Control analysis (determining current status)
  • Resilience strategies (including analysis of costs to benefits)
  • Emergency prevention (actions, controls, guidelines, escalation)
  • Validation and Verification Test (execution, documentation)
  • Compliance (maturity level)


  • Flexible modification of customer-specific requirements
  • Fewer management tasks in the central BCM team
  • Optimal reporting (efficient, structured views)
  • Automated, transparent action tracking
  • Investment security through module extensibility (ISM)
  • Integration of ITRM in the BCM solution
  • Optional mapping of SCM requirements
  • Completely accessible risk management
  • Transparency on the maturity level of BCM
  • Simpler information exchange among different stakeholders
  • Integration of business departments and process owners based on a business impact analysis or tactics
  • Documentation and tracking of defined and assumed emergencies
  • Fast implementation (Web application)
  • Workflow support for complex approval processes
  • Less reporting work through automation


  • Compatible with many standards
  • Mapping of BCM assessment lifecycles and period comparisons (business impact analysis, risk analysis, BCP/DRP and validation verification tests)
  • Custom rule configurations to enable objective evaluations based on quantitative and qualitative criteria
  • GOLDENHORN ONEGRC process support for editing and tracking actions, test results, emergency cases, etc.
  • Mapping complex cause-and-effect relationships among organizational units, infrastructures, IT systems, IS services, processes and resources
  • Individual reports for various stakeholders
  • Comprehensive evaluation and aggregation capabilities
  • Support for custom client-side modifications
  • Simple administration


Thanks to the modular configurations of GOLDENHORN ONEGRC with different submodules and features:

> Business Continuity Knowledge Management System

> Business Continuity Case Management – Business Resilience Request Fulfillments

> Business Continuity Incident Management

> Business Continuity Management – Plan ActivationsBusiness Resilience Assessment Planning Management

> Business Continuity Assessment Management

> Business Impact Analysis – ProcessBusiness Impact Analysis – Product/ServiceBusiness Impact Analysis – Investment Projects

> Business Impact Analysis – Vendors&Suppliers

> Business Impact Analysis – External Service Provider

> Business Continuity Scoring Engine

> Business Continuity Assessment – Risk Assessment for ProcessBusiness Resilience Plans Testing & Rehearsals Management

> Business Continuity Finding Management

> Business Continuity Performance Management

> Business Continuity Analytics and Reporting