Request a Demo

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More
Find Your Solution
  • Crisis management Crisis Management
  • Emergency Management Emergency Management

Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.

Learn More
Request a Demo

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo
  • Safety Management Safety Management
  • Employee Health & Wellbeing Employee Health & Wellbeing
  • Governance Risk & Compliance Governance, Risk & Compliance (GRC)
  • Asset Management Asset Management
  • Contractor Management Contractor Management
  • Visitor Management Visitor Management
  • Emergency Management Emergency Management

All the tools needed to automate your safety management system in one easy-to-use platform, following ISO standards. Increase efficiency with powerful automation capabilities and provide real time insights to all levels of your business. Configurable notifications, workflows, analytics, and mapping empower your safety personnel to make better decisions wherever they are.

Learn More
Request a Demo

Maintain a comprehensive view of the wellbeing of your workers, their needs, and the wellbeing initiatives conducted in your organization. Through various assessments, checks, analytics, and resources you can easily manage both the physical and mental wellbeing of personnel across various locations and programs.

Learn More
Request a Demo

A suite of tools to collect risk data from across your organziation from a range of stakeholders, in real time, and based on ISO standards. Fully customisable, with everything from a simple pre-task assessment though to an organisational risk register, we make it easy to capture risk data and provide the analytics to derive rich insights, to keep your organisation safe and compliant.

Learn More
Request a Demo

Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilisation, share documentation and report issues.

Learn More
Request a Demo

Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.

Learn More
Request a Demo

Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.

Learn More
Request a Demo

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo
  • Physical Security Physical Security
  • Cyber Security Cyber Security
  • Visitor Management Visitor Management
  • Critical Infrastructure Protection Critical Infrastructure Protection
  • Emergency Management Emergency Management
  • Governance Risk & Compliance Governance, Risk & Compliance
  • Asset Management Asset Management
  • Contractor Management Contractor Management

Proactively manage all aspects of physical security operations from anywhere, on any device. Based on ISO standards, streamline your operations using workflow automations to guide information capture, enrichment, follow up tasks, and notifications. Validate threats and risks to drive better investment of your resources.

Learn More
Request a Demo

Manage cyber threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions, and drive continual improvement review cycles.

Learn More
Request a Demo

Streamline visitor sign-in using a QR code on a form tailored for your organisation. Visitors can complete inductions, answer questions and acknowledge content then have notifications triggered to their host based on their responses. Once on site, manage visitor cards, broadcast notifications and understand visitor trends to optimise your processes.

Learn More
Request a Demo

Consolidate the threat and risk picture across all your assets, easily demonstrate compliance with security obligations, and gain an ‘all threats’ perspective encompassing physical, cyber, personnel and supply chain. Address and manage cyber threats without having to implement costly new ICT systems and drive continuous improvement and review cycles.

Learn More
Request a Demo

All the information and tools needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS and other national standards. Keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.

Learn More
Request a Demo

Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.

Learn More
Request a Demo

Track all your assets from your vehicle fleet, fixed or mobile plant and equipment though to your critical infrastructure using our range of tools. Plan maintenance ahead of time and by collecting lead indicator data from checklists and assessments on any mobile device, then enable users to update the status of your assets to track utilization, share documentation and report issues.

Learn More
Request a Demo

Save time and money by enabling contractors to self-register and progress through a customizable workflow, to check documentation before becoming an approved contractor. Contractors can then be automatically followed up using workflows and notifications to keep their organziation compliant.

Learn More
Request a Demo
  • Business Continuity Planning Business Continuity Planning
  • Crisis Management Crisis Management
  • Governance Risk & Compliance Governance, Risk & Compliance (GRC)
  • Continuity of Operations Continuity of Operations (COOP)

Follow ISO standard approaches to determine disruption impacts and develop plans & recovery strategies to address risks. Track gaps, dependencies and tests, capture exercises, and manage insurance details. Scale up to any incident and back down to business as usual as quickly as possible and drive continuous improvement.

Learn More
Request a Demo

Apply best practices to plan for, respond to, and manage critical events and exercises. Built on ISO standards, you can respond faster with better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, to ensure better incident response, decision-making, and continuous improvement.

Learn More
Request a Demo

Manage cyber, emergency and security threats, risks, and treatments based on industry best-practice guidelines and ISO standards. Plan objectives and set targets, manage all elements of standards-compliance, and schedule and record audits and inspections. Manage non-compliances and corrective actions and drive continual improvement review cycles.

Learn More
Request a Demo

Ensure preparedness across your organisation. Conduct business impact assessments and quickly identify essential functions. Assess hazard and threat risks. Identify technology, assets, facilities, and critical personnel. Gather and assemble essential information and documents. Develop, test and maintain your COOP plans. From readiness and preparedness to reconstitution, manage all four phases of the Continuity of Operations Plan to minimize business loss and disruption.

Learn More
Request a Demo
Resource 4
Whitepaper

A Comprehensive Guide to Understanding ISO45001

Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More

What Can All Businesses Learn from Sector-Specific Business Continuity Management Standards

As the late 2000s Financial Crisis demonstrated, risk in just one financial institution can spill over, endangering the viability of the sector (and the wider economy) at large. That’s why since then, financial regulators have imposed tough measures on the entities they oversee.

But these common-sense measures aren’t just applicable to financial institutions; all organisations, irrespective of industry, should consider taking them up. What are some examples to consider? 

Business Continuity Management standards in the financial sector

The Australian Prudential Regulation Authority (APRA) supervises financial and related institutions across the banking, insurance, and superannuation sectors. Its mandate includes maintaining the safety and soundness of the financial industry. And as a result, APRA is obliged to maintain a low incidence of failure among the entities it regulates.

Business continuity falls under this rubric. For this reason, APRA released Prudential Standard CPS 232 Business Continuity Management. What does it say?

For starters, the standard lays out the purpose of business continuity, which is to minimise the financial, legal, regulatory, reputational, and other material consequences arising from a disruption to critical business operations.

Critical business operations are those business functions, resources, and infrastructure that may, if disrupted, have a material impact on an organisation’s business functions, reputation, profitability, depositors, and/or policyholders.

According to the standard, the components of business continuity management (BCM) that help to ensure that these critical business operations can be maintained or recovered in a timely fashion in the event of a disruption include the following:

  • BCM policy
  • Business impact analysis (BIA) including risk assessment
  • Recovery objectives and strategies
  • Business continuity plan (BCP)
  • Programs for review and testing of the BCP and training and ensuring awareness of staff in relation to BCM

Download Prudential Standard CPS 232 for Business Continuity Guide

Who’s in charge of executing Business Continuity Management standards?

That’s all well in good. But who’s in charge of making this all happen. The benefit of business continuity management standards like CPS 232 (and sector-agnostic standards like ISO 22301) is that they stipulate who should be responsible for getting the BCM program up and running and ensuring major organisational priorities get done.

In the case of CPS 232, specifically, Board members must see to it that their institutions comply. The requirements for which those Board members are on the hook include:

  • Maintain a business continuity management policy for the institution or group that is approved by the Board
  • Identify, assess, and manage potential business continuity risks to ensure that the institution can meet its financial and service obligations to its depositors, policyholders, and other stakeholders
  • Consider business continuity risks and controls as part of its risk management framework
  • Maintain a business continuity plan documenting procedures and information that enables the institution to manage business disruptions
  • Review the business continuity plan annually and periodically arrange for its review by the internal audit function or an appropriate external expert
  • Notify APRA in the event of certain disruptions

Timely notification requirements included in Business Continuity Management standards

Though a sectoral standard, CPS 232 lays out requirements that can be applied broadly. For instance, its timely notification requirements aren’t that dissimilar to what one sees in other major industries.

A regulated institution must notify APRA as soon as possible and no later than 24 hours after it experiences a disruption that has the potential to have a material impact on the institution’s risk profile or affect its financial soundness.

What’s more, that entity must also explain to APRA the nature of the disruption, the action being taken, its likely effect, and the timeframe for returning to normal operations.

If your industry regulator doesn’t currently compel you to notify them expeditiously after a disruption (of whatever kind), it’s likely they will soon. As crises increase in kind, cost, and severity, most regulators are stepping up. 

Having the capability to address these kinds of requirements, which often means procuring business continuity platform, should be an organisational priority. To get you on the road, read up on some of the similarities between CPS 232 and ISO 22301 in our Guide to Understanding CPS 232: 

Download Prudential Standard CPS 232 for Business Continuity Guide