A number of standards for BCP are prescribed by various agencies, such as:

BS 17799 Information Security Standard
BS 25999 BCP Standard
ISO 9000:2000
NFPA 1600
ISO 17799 Information Security Management Standard

Risk Management Versus Compliance Risk Management:

Compliance Risk is the risk that the Company's actions or inactions might result in potential regulatory interventions or regulatory actions which could adversely affect the company's reputation. This is an important risk, especially in the insurance sector, given that many insurance companies have been penalized by IRDAI in the recent past.

Compliance risk management aims to have the respective functional units proactively identify the compliance risks, identify the current controls and take corrective actions to mitigate the compliance risks. The Chief Compliance Officer puts into place a framework for the purpose. Compliance with applicable regulations is the responsibility of the respective functional units; that is, the compliance risk management process is owned by the respective functional units, with the Chief Compliance Officer facilitating the process.

The process requires:
(a) Identification of potential compliance risks
(b) Rating of the risks
(c) Current controls in place and evaluation of adequacy of current controls
(d) Identification of new actions required to mitigate the risk
(e) Projected risk rating after implementation of new actionable owner
(h) Discussions with the Management Committee, comprising all direct reportees of the CEO, on the compliance Risk Management program.