Business Continuity Maturity: Do You Know How to Get There?
By: admin Date Published: October 17th, 2018 0 Comments
If you’ve ever tried to figure out which generation you belong to, you will realize quickly that there doesn’t seem to be consistency in the measurement. I am personally in this sweet spot between Generation X and Millennials. There is a new term coined for this called: “Xennials”- which are those individuals who had pre-technology childhoods, and then throughout adult life were immersed in technological advances.
For instance, I remember using paper maps when I would drive all around a metropolitan city I used to work for right out of college. Flash forward to today, I use the Google maps app on my smartphone daily. I can find exactly where I am at any given moment, scope out places I haven’t been yet or even read about other’s experiences who have already been there.
Wouldn’t this type of mapping be wonderful for those of us building or managing a business continuity management (BCM) program?
I think that a common problem for many BCM practitioners is really being able to demonstrate exactly where their program is when it comes to BCM. How often has your leadership asked the questions: “How far along are we in creating the BCM program?” or “Where do we need to be to meet requirements and expectations?” Far too often the BCM practitioner faces the difficulty of qualifying what the investment into business continuity really means to a business and how much further they must proceed to meet their risk tolerance.
The Business Continuity Maturity Model® (BCMM®) was originally published in 2003 to help organizations assess and improve their business continuity program. The effort focused on creating a mechanism that could answer the following key questions for BCM practitioners and senior management:
Where are we now?
What level of BC program maturity do we currently possess?
What is the target we are shooting for?
What level of BC program maturity is our goal?
What evolutionary path do we follow to get there?
How should we progress most effectively to the next Level?
Various standards have been created to evaluate if an organization meets prescribed requirements in process and documents. The inaugural version of the BCMM® incorporated the requirements of ISO22301, NFPA1600, and ASIS SPC1.2009-1. And we’re adding more to it annually.
If you’re not aware, the BCMM® contains corporate competencies and business continuity program content segments. Each competency or segment defines the general attributes of an organization at this Level of the Model. The segments within the BCMM® attempt to answer the following questions:
So Where Do I Start?
One immediate use of the BCMM® is to assess your current state. The full BCMM assessment tool takes a user through each segment described above and includes close to 300 questions to help determine your program’s maturity level.
But I realize that sometimes you just want to get an awareness of whether your program is close to meeting the standards. That’s why we’ve created a “mini-assessment” tool that allows you to see how the BCMM assessment tool works, while helping you understand whether you’re on track to having a “standards-compliant” BCM program.