Key Elements of an Effective Business Continuity Strategy/ Planby Core Consulting Continuity and Resilience
There is no pleasure in thinking about the ways your business could be disrupted – snow-storms, tsunamis, hurricanes, tornados, earthquakes, epidemics, terrorism, fires, floods, failed water main (minor incidents) or office relocation (planned events). These events keep Business leaders and executives up at night. However, they do even have the best remedy for this – a robust business continuity strategy that any business owner can count on to minimalize the impact of any of the events (mentioned above) and keep their business going through every possible situation.
The business leaders schedule business continuity training (established through the TNA – training needs analysis) to strategies an effective continuity plan. Below are a few main elements of an effective business continuity strategy.
Well Defined Team
In case of an emergency, make sure people don’t have to question who is the in-charge. Make available a business continuity team for every part and location of your organization. The team will be responsible for leading the local response to local needs along with catering to the wider space between organization for local, national and even international based emergencies. It is important that the team stays upright throughout the year and keeps the strategy plan updated and has a practical understanding of the plan execution in case of an actual emergency.
A Detailed Plan
Make sure you know all the possible kind of disruptions that could happen to your business for every department and location. Begin with the worst and then find the solution to what would be the most needed to maintain the most important operations within your business. The impact areas such as – revenue, brand concern, regulatory implications, customer protection, etc. all should be considered (with most important on top and going down with less important). The strategies and plans should cover the following areas:
Once the business continuity team identifies and agrees to the above analysis (which obviously is difficult to achieve), it can move to next phase of identifying recovery strategies and costs estimates around each of them. This will also help the IT department of the business to confirm that during an emergency the most crucial applications will be available to the business within an ascertained RTO (Recovery Time Objective) and RPO (Recovery Point Objective).
BC Plan perhaps is the only plan of its type that we develop and hope that we wouldn’t have to use this. Hence testing of the BC plan becomes important to ensure the currency, completeness, correctness and effectiveness of the same. An ineffective or out-of-date business continuity plan is the worst-case scenario, offering you false hopes of security and leaving you in a lurch when things actually go wrong. It is important that the team reviews the plan at least once a year (ideally more reviews are required) to mirror the changes in business priorities, IT environment, operational structure and many other factors. Conducting full simulation will give you the clear effectiveness of the plan, showcasing everything from the recovery of applications to crisis communications. It is also advised to supplement these simulation activities with regular table-top exercises that will make the team acquainted with new twists in to the catastrophic situations, keeping you on your toes.
Effective communications play an important part in dealing with the emergency situation and can switch the panic situation in to a smooth emergency response. Design a toolkit that comprehends a complete array of communication channels, which include – email, telecom, public address, intranet, the company website, IM, and texting. Keep draft messages ready that as and when required can be updated and delivered almost immediately. Make sure the organization is equipped to deliver consistent public messages through – press-releases, social media and/or with company’s spokespeople available for interviews. The organisation should have the capability to receive, acknowledge and respond to all relevant interested parties.
There can be nothing more important than keeping employees safe. Make sure you connect with local agencies like – Red Cross/ ambulance/ hospital, police and fire department, along with any other entities and involve them in your BCM program.
Uninterrupted Access to Business Resources
It is important for people to keep working – it is not about productivity, it is about keeping data safe and assuring that the customers aren’t left hanging. People with the help of remote access technologies can resume their working from a safe environment like – from home. Organizations that have mobile workstyles in place are a way ahead of the game. At the same time it is reminded that ‘work from home’ has serious implications which must be evaluated e.g. will all office rules and regulations become applicable to home?
Continuous IT Operations
Continuity for the Data centre is the final element. Be it for scale or redundancy, big organizations maintain more than one data centre. If one goes offline (planned or unplanned), employees can switch to another and get access to the same data and applications. Ensure the business infrastructure can support this in terms of automated failover, network capacity and load balancing. The solutions may be hot, warm or cold and inhouse or outsourced. The IT should be planned to support the RTOs and RPOs defined by the business.
Standards like ISO 22301, ISO 31000, ISO 27001, ISO 22398, ISO 22316 etc. go hand-in-hand and need to be studied together for effective BCM Planning.
http://coreconsulting.ae/ offers business continuity training to help you and your business to handle disruptions of all kinds.
Created on Nov 24th 2017 06:54. Viewed 458 times.
No comment, be the first to comment.