It doesn’t matter if you call it business continuity, organizational resilience, risk management, disaster recovery or continuity of operations, there are some important terms, every beginner needs to know to have a sustainable program. Here is my take on some of these common BC terms. Consider it a BC beginner’s cheat sheet!
THE BUSINESS CONTINUITY NEWBIE CHEAT SHEET
1. Business Impact Analysis
Define, measure & assess the financial, customer, regulatory and/or reputational impacts & determine an optimal Recovery Time Objective (RTO). You will most likely determine that the cost of not having organizational resilience is very high.
2. Recovery Time Objective
This is the targeted duration of time in which a business or operational process or system must be restored after a disaster, unexpected event or disruption in order to avoid negative impact or undesirable consequences. Essentially, “How long can you survive the disruption?”
3. Cyber Security
Reinforce your IT infrastructure so that a cyber security breach doesn’t negatively impact your business continuity & force your organization into disaster recovery mode. Keep in mind IT is only one part of continuity, but very important as demonstrated in current events such as ransomware, hacks & other cyber-attacks.
4. Evaluate & Control Risk
Identify & assess the risks, threats, vulnerabilities & impact to increase your organization's resiliency. These can include internal, external, financial, social & structural aspects of the organization.
5. Business Continuity Strategy
Every organization needs a BC strategy – not just a check list of things to do, but a well-thought out management plan in case of an unexpected or disruptive event. Be sure to determine financial, operational, technological and social strategies with a cost benefit analysis to assess the cost of implementing the strategy against the assets at risk.
6. Emergency Response & Operations
Create a plan to respond to emergencies in a coordinated, timely & effective manner to address life safety & stabilization of emergency situations until the arrival of first responders. Be sure to coordinate with local emergency response agencies.
7. Document & Implement a Recovery Plan
Design, develop, & implement the business continuity strategies approved by your organization & document the recovery plans. Be sure to document what worked and didn’t work during an actual event or test of the plan. You can uncover some great best practices & opportunities for improvement.
8. Build Enterprise Engagement & Executive Buy-in
Business continuity can only be successful with engagement & buy-in. A good business continuity pro must establish & maintain corporate awareness & gain executive support of Business Continuity Management. Simplify the training into common language the team can relate to for optimal engagement.
9. Crisis Communications Planning
A strong BCM solution has a strong crisis communicate plan. Maintain team, emergency responder & public communications can be key in maintain continuity. Not communicating leads to unwanted speculation & mistrust.
10. Exercise, Test, Audit & Maintain
To be effective, a BCM Program must implement a regular exercise (testing) schedule to maintain a predictable & repeatable performance of recovery responses. You can learn from both your successes & mistakes.
Start with a basic BC plan & then build upon it. Any business continuity plan should be dynamic & adapted based on new threats or changes in the market or organization. Engage with BC consultants or consider BC planning software to strengthen your program. Never be afraid to ask questions. Every BC expert I have ever met, loves to discuss & explain how it works. Find one that “speaks your language” & understands the specific needs of your organization or industry.
Check out this dynamic, customizable business continuity planning management system.