[BCM] [GRA] [E1] [C3] Establishing Organisational Goals

Establishing Organisational Goals

 

 

Introduction

One of the fundamental requirements of ISO 22301 is that an organisation clearly understands why it is implementing a Business Continuity Management (BCM) programme and what outcomes it intends to achieve.

These desired outcomes are commonly expressed as organisational BCM goals.

Organisational BCM goals provide strategic direction for the BCM programme and establish the foundation for developing business continuity objectives, strategies, plans, and performance measures.

They ensure that BCM initiatives are aligned with the organisation's mission, statutory responsibilities, stakeholder expectations, and operational priorities.

For the Gambling Regulatory Authority (GRA), BCM goals must support its role as Singapore's gambling regulator responsible for licensing, regulatory oversight, compliance monitoring, enforcement, responsible gambling initiatives, stakeholder engagement, and public protection.

The goals should also align with Singapore Government expectations for public sector resilience and ensure that GRA can continue to perform its critical regulatory functions during disruptions.

This chapter identifies the key organisational goals that should guide the design, implementation, maintenance, and continual improvement of GRA's BCM programme.

 

Purpose of Establishing BCM Goals

The purpose of establishing BCM goals is to:

• Provide strategic direction for the BCM programme.
• Align BCM initiatives with GRA's mission and regulatory mandate.
• Support the achievement of organisational objectives during disruptions.
• Establish a framework for BCM decision-making.
• Facilitate resource allocation and prioritisation.
• Support performance measurement and continual improvement.
• Demonstrate leadership commitment to organisational resilience.

 

Relationship Between Organisational Goals and BCM

The BCM programme should not operate independently of the organisation's strategic direction. Instead, BCM goals should directly support the achievement of GRA's broader mission and responsibilities.

 

GRA's Regulatory Mission

GRA's BCM goals should support the Authority's ability to:

• Regulate gambling activities effectively.
• Maintain public confidence in the regulatory framework.
• Protect public interest.
• Promote responsible gambling.
• Enforce compliance with gambling laws and regulations.
• Support national governance objectives.

 

Proposed Organisational Goals for BCM

 

Goal 1: Ensure Continuity of Critical Regulatory Functions

Purpose

To ensure that essential regulatory functions remain operational during disruptions.

Desired Outcome

GRA can continue to perform critical activities such as licensing, compliance monitoring, enforcement, and regulatory decision-making even during adverse events.

Examples

• Continue processing urgent licence applications.
• Maintain enforcement actions against non-compliant operators.
• Sustain regulatory oversight activities.

 

Goal 2: Protect Public Interest and Regulatory Integrity

Purpose

To ensure disruptions do not compromise GRA's ability to fulfil its statutory responsibilities.

Desired Outcome

The integrity, fairness, transparency, and effectiveness of gambling regulation are maintained under all circumstances.

Examples

• Continue critical regulatory decision-making.
• Prevent regulatory gaps.
• Maintain compliance with legislation.

 

Goal 3: Safeguard Public Confidence

Purpose

To maintain trust in Singapore's gambling regulatory framework during disruptions.

Desired Outcome

Stakeholders remain confident that GRA can continue to regulate effectively despite operational challenges.

Examples

• Timely public communication.
• Transparent stakeholder engagement.
• Consistent regulatory actions.

 

Goal 4: Protect Critical Information Assets

Purpose

To ensure the confidentiality, integrity, and availability of regulatory information.

Desired Outcome

Critical licensing, compliance, enforcement, and investigation information remains secure and recoverable.

Examples

• Protect sensitive regulatory databases.
• Maintain secure access controls.
• Ensure recovery of vital records.

 

Goal 5: Strengthen Organisational Resilience

Purpose

To enhance GRA's ability to anticipate, respond to, recover from, and adapt to disruptions.

Desired Outcome

The organisation develops resilience capabilities that support long-term operational sustainability.

Examples

• BCM exercises and testing.
• Cross-training of personnel.
• Alternate operating arrangements.

 

Goal 6: Minimise Operational Disruption

Purpose

To reduce the impact of incidents on critical services.

Desired Outcome

Disruptions are managed effectively with minimal interruption to regulatory operations.

Examples

• Rapid recovery of systems.
• Alternate workplace arrangements.
• Continuity of key business processes.

 

Goal 7: Ensure Availability of Critical ICT Services

Purpose

To maintain the technology systems that support regulatory functions.

Desired Outcome

Critical systems are recoverable within defined recovery objectives.

Examples

• Licensing system recovery.
• Regulatory database availability.
• Secure communication systems.

 

Goal 8: Support Effective Crisis Management

Purpose

To ensure leadership can make informed decisions during major incidents.

Desired Outcome

Strategic response activities are coordinated and effective.

Examples

• Crisis management team activation.
• Executive decision-making support.
• Stakeholder communication management.

 

Goal 9: Maintain Inter-Agency Coordination

Purpose

To ensure continuity of collaboration with government agencies and external stakeholders.

Desired Outcome

Critical regulatory and operational relationships remain effective during disruptions.

Examples

• Coordination with law enforcement agencies.
• Collaboration with cybersecurity authorities.
• Engagement with government ministries.

 

Goal 10: Achieve Compliance with ISO 22301 and Singapore Government BCM Requirements

Purpose

To establish a BCM programme aligned with recognised standards and government expectations.

Desired Outcome

A robust, auditable, and sustainable BCM programme.

Examples

• BCM governance structure.
• Risk assessments and BIAs.
• Testing and exercising programmes.

 

BCM Goals Aligned with Singapore Government BCM Policy

The Singapore Government BCM Policy emphasises the continuity of essential government services and the resilience of public sector agencies.

Accordingly, GRA's BCM goals should ensure:

 

Singapore Government BCM Expectation	GRA BCM Goal
Continuity of Essential Services	Ensure continuity of critical regulatory functions
Public Confidence	Safeguard stakeholder trust
Whole-of-Government Resilience	Maintain inter-agency coordination
Protection of Information	Protect critical information assets
Effective Incident Response	Support crisis management capabilities
Continuous Improvement	Strengthen organisational resilience

 

Measuring Success Against BCM Goals

To ensure effectiveness, GRA should establish Key Performance Indicators (KPIs) for each goal.

Examples include:

 

Goal	Example KPI
Continuity of Critical Functions	% of critical functions recovered within RTO
Information Protection	Number of critical data losses
Crisis Management	Time taken to activate crisis response
System Availability	Percentage uptime of critical systems
BCM Awareness	Percentage of staff trained annually
Exercise Programme	Number of exercises conducted annually

 

The Gambling Regulatory Authority's (GRA) Business Continuity Management goals establish the strategic foundation for developing an effective and resilient BCM programme.

These goals ensure that GRA can continue delivering critical regulatory services, maintain public confidence, protect regulatory integrity, and fulfil its statutory responsibilities during disruptions.

Aligned with ISO 22301 and the Singapore Government BCM Policy, these goals focus on the continuity of essential regulatory functions, the protection of information assets, the resilience of people and technology, effective crisis management, and continual improvement.

By clearly defining and pursuing these goals, GRA strengthens its ability to withstand disruptions, recover efficiently, and continue serving the public interest while maintaining confidence in Singapore's gambling regulatory framework.