Business Continuity planning: HOW TO
Business Continuity (BC) planning is the process of setting in place guidelines and systems of prevention and recovery in the event of a crisis. This includes, but is not limited to, business operations, assets, personnel, and resources. A Business Continuity plan is your commitment to protecting your company by ensuring ongoing operation when unforeseen disasters occur. It is essentially an organization’s resilience plan. Your staff should know exactly what tasks they must perform when disaster strikes in order to achieve recovery from such event.
Two important parts of the BC plan are the Business Impact Analysis (BIA) and the Disaster Recovery (DR) plan. Do not confuse the BC with the DR. Disaster recovery is part of the Business Continuity plan. A DR plan primarily deals with reinstating IT functions after a disaster occurs, whereas a BC plan is an overall plan of the organization’s recovery strategy. A BIA is usually a cost evaluation of an unforeseen loss of business functions, which helps your organization assess the risks and the set priorities.
Below are 4 important points on creating a BC plan:
1. Assessing the importance of Business Continuity
Especially in today’s world, consumers have high expectations in regard to privacy and security systems. No matter the size of your organization, the sustainability of your company relies on your processes and human resources. Various disaster resilience solutions are available in the market to facilitate IT restoration, and good preparation to implement these solutions reassures customers and builds trust.
2. Forming your BC plan
Start with creating a BIA plan to incorporate in the BC plan, by evaluating your organization’s procedures and identifying weak areas. Estimate possible future losses in the event of a crisis, whether short-term or long-term. Then, set up appointments with personnel from other organizations who have dealt with crisis in the past, to help you include important elements in your plan that you have not considered.Next, follow these steps to solidify your plan:
- Pinpoint key departments
- Determine time frame for each process
- Specify your organization’s main functions
- Put together a plan to sustain operational processes
- Create a checklist that contains contact information for emergency responders per respective department
3. Testing your BC plan
Having a testing strategy in place offers organizations the opportunity to find errors and refine their practices. Keep refreshing the group of employees who are participating in the team tests to gather different opinions and perspectives. Make it realistic in order to catch your staff off guard and thus gain a better understanding of your plan’s effectiveness. Depending on the size of your organization, repeat the procedure more than twice a year. Usually, test teams are comprised by the Recovery Manager and the heads of departments and follow test methods such as conference room exercises (table-top), structured walkthroughs, and crisis simulations (i.e. emergency evacuation).
4. Revising your BC plan
The BC plan needs to be constantly revised to be up-to-date with the continuous technology changes, and at the same time be introduced to the constant flow of new personnel that organizations have. Arrange periodic reviews to make modifications and/or introduce new key points. Before you do that, get feedback on the plan from all departments in order to include staff suggestions in the plan, as well as valuable lessons taken from previous crisis situations, if any. Once you have the plan, it is pivotal for senior management to conduct the training, as it highlights its significance and has a greater impact in the eyes of the personnel.