Normative Regulation of Business Continuity Management in the Republic of Serbia
Abstract
The problem addressed in this paper concerns business continuity, that is, business continuity management. Business continuity management can be understood as one of the basic functions of any organization, the establishment and realization of which is necessary to ensure the continuation of business and at the same time the functioning of the organization in case of any disruption caused by a potentially harmful event. On the other hand, it is not wrong to understand this function in the context of corporate security, and as an integral part of it. The hypothesis put forward in the paper is the absence of an adequate normative framework for business continuity management in the Republic of Serbia. In the paper, the author investigated the existence of a normative regulation of business continuity management by applying an analysis of the content of relevant literature, specifically, legal regulations of the Republic of Serbia, standards and "good practice" in this area and regulations at the level of the European Union. The expected result of the work is the presentation of documents that contain provisions that regulate business continuity management for the Republic of Serbia, and then on a level that goes beyond the borders of the state - for the international arena in the field of business continuity created by state and non-state entities that aim for a more comprehensive understanding and application concept of business continuity. The author uses everything presented so far in order to point out the normative regulation of the subject area in the Republic of Serbia, but also more broadly, the importance of the entire area of business continuity, as well as the importance of greater involvement of the state in the regulation of issues of this type.
References
Basel Committee on Banking Supervision. (2019). SRP Supervisory review process. Basel: Bank for International Settlements. Преузето са https://www.bis.org/basel_
framework/chapter/SRP/10.htm
BCM Legislations, Regulations, Standards and Good Practice. (2016). Berkshire: Business Continuity Institute. Преузето са https://www.thebci.org/static/uploaded/aa17d414-03ac-4ddb-a43657dd6297312d.pdf
BCP Core Principles for effective banking supervision. (2019). Basel: Bank for International Settlements. Преузето са https://www.bis.org/publ/bcbs230.htm
Borodzicz, E. (2005). Risk, Crisis and Security Management. West Sussex: John Wiley & Sons.
Bundesamt für Sicherheit in der Informationstechnik. (n.d.). Modernisierter BSI-Standard 200-4 Business Continuity Management. Приступљено 10.10.2022. са https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/BSI-Standards/BSI-Standard-200-4-Business-Continuity-Management/bsi-standard-200-4_Business_Continuity_Management_node.html
Cabinet Office. (2020). National Resilience Standards for Local Resilience Forums (LRFs). Goverment UK. Преузето са https://www.gov.uk/government/publications/national-resilience-standards-for-local-resilience-forums-lrfs
Cornish, М. (2010). Business Continuity Management Methodology. In A. Hiles (Ed.), The Definitive Handbook of Business Continuity Management (3rd ed.). West Sussex: John Wiley & Sons.
Elliott, D. (2014). Disaster and Crisis Management. In M.Gill (ed.) Handbook of Security (2nd ed., pp. 813-836). London: Palgrave Macmillan.
Federal Office for Information Security. (2009). BSI-Standard: 100-4 Business Continuity Management (BSI Standard No. 100-4). Преузето са https://www.bsi.bund.de/
SharedDocs/Downloads/EN/BSI/Publications/BSIStandards/standard_100-4_e_pdf.html
Gibb, F., & Buchanan, S. (2006). A framework for business continuity management. International journal of information management, 26(2), 128-141.
Herbane, B. (2010). The evolution of business continuity management: A historical review of practices and drivers. Business history, 52(6), 978-1002.
Herbane, B., Elliott, D., & Swartz, E. M. (2004). Business continuity management: time for a strategic role?. Long range planning, 37(5), 435-457.
International Organization for Standardization. (2019). Security and resilience — Business continuity management systems — Requirements (ISO Standard No. 22301:2019). Приступљено са https://www.iso.org/obp/ui#iso:std:iso:22301:ed-2:v1:en
International Organization for Standardization. (n.d.). Standards. https://www.iso.org/standards.html
Kovacich, L. G., & Halibozek, P. E. (2003). The manager's handbook for corporate security: establishing and managing a successful assets protection program. Burlington: Butterworth–Heinemann is an imprint of Elsevier Science.
Mандић, Ј. Г., и Станојевић, П. (2020). Корпоративна безбедност. Београд: Факултет безбедности Универзитета у Београду.
Mилошевић, М. М. (2012). Одговорност правних лица за кривична дела (Докторска дисертација). Универзитет у Београду.
National Fire Protection Association. (n.d.). NFPA 1600. National Fire Protection Association. Приступљено 05.09.2022. са https://www.nfpa.org/codes-and-standards/all-codes-and-standards/list-of-codes-and-standards/detail?code=1600
Publications Office of the European Union. (2006). (COM (2006) 117 final): Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions - Implementing the Lisbon Community Programme for Growth and Jobs - Transfer of Businesses - Continuity through a new beginning. https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:52006DC0117&
qid=1643126334789
Randeree, K., Mahal, А., & Narwani, А. (2012). A business continuity management maturity model for the UAE banking sector. Business Process Management Journal, 18(3), 472-492.
Smith, L. C., & Brooks, J. D. (2013). Security Science: The Theory and Practice of Security. Waltham: Butterworth-Heinemann is an imprint of Elsevier.
Speight, P. (2011). Business Continuity. Journal of Applied Security Research, 6(4), 529-554.
Правни извори Републике Србије
Доктрина Војске Србије. (2010). Медија центар „Одбрана”, Београд.
Закон о банкама. (2005). "Сл. гласник РС", бр. 107/2005, 91/2010 и 14/2015
Закон о информационој безбедности. (2016). "Сл. гласник РС", бр. 6/2016, 94/2017, 77/2019.
Закон о критичној инфраструктури. (2018). "Сл. гласник РС", бр. 87/2018.
Закон о одбрани. (2007). "Сл. гласник РС", бр. 116/2007, 88/2009, 88/2009 - др. закон, 104/2009 - др. закон, 10/2015 и 36/2018.
Закон о приватном обезбеђењу. (2013)."Службени гласник РС", бр. 104/2013, 42/2015, 87/2018.
Закон о привредним друштвима. (2011). "Сл. гласник РС", бр. 36/2011, 99/2011, 83/2014 (др. закон), 5/2015-3, 44/2018, 95/2018, 91/2019, 109/2021.
Закон о смањењу ризика од катастрофа и управљању ванредним ситуацијама. (2018). "Службени гласник РС", број 87/2018.
Одлука о минималним стандардима управљања информационим системом финансијске институције. (2013). "Службени гласник РС", бр. 23/2013, 113/2013, 2/2017, 88/2019, 37/2021.
Одлука о одређивању правних лица од значаја за одбрану Републике Србије. (2008). "Сл. гласник РС", бр. 52/2008.
Одлука о плановима опоравка банке и банкарске групе. (2015). "Службени гласник РС", бр. 71/2015.
Одлука о управљању ризицима банке. (2011). "Службени гласник РС", бр. 45/2011, 94/2011, 119/2012, 123/2012, 23/2013 (др. одлука), 43/2013, 92/2013, 33/2015, 61/2015, 61/2016, 103/2016, 119/2017, 76/2018, 57/2019, 88/2019, 27/2020, 67/2020 (др. одлука).
Правилник о начину израде и садржају Плана заштите од пожара аутономне покрајине, јединице локалне самоуправе и субјеката разврстаних у прву и другу категорију. (2010). "Сл. гласник РС", бр. 73/2010.
Правилник о начину обављања појединачних полицијских послова. (2018). "Сл. гласник РС", бр. 63/2018 и 72/2018.
Стратегија националне безбедности Републике Србије. (2019). "Сл. гласник РС", бр. 94/2009.
Стратегија одбране Републике Србије. (2019). "Сл. гласник РС", бр. 94/2019.
Стратегија развоја Министарства унутрашњих послова за период 2018–2023. године. (2018). "Сл. гласник РС", бр. 78/2018.
Уредба о ближем уређењу мера заштите информационо-комуникационих система од посебног значаја. (2016). "Сл. гласник РС", бр. 94/2016.
Уредба о начину и поступку извршавања обавезе планирања припрема за одбрану. (2009). "Сл. гласник РС", бр. 24/2009.