March the 17th marked the start of Business Continuity awareness week 2014 and what better time than just after one of the biggest bank holidays in the year to talk about how your business would cope with an out of the ordinary day?
People might be out of the office on leave, or perhaps they have called in sick due to a few too many last night celebrating St Patrick’s day. Either way your business should be able to handle a couple of people out of the office, but what if your office was without water, heating or power? What if your office loses its internet connection? What if one of your suppliers is unable to fulfil his contractual agreements?
There are a myriad of potential pitfalls for organisations and the only way to protect yourself is to plan for the worst and hope for the best. Most modern businesses try to mitigate their risks by having some kind of insurance, either for their premises or possibly for specific deals. The hope is that they never have to use them but that if the worst happens they are protected. This is exactly the kind of attitude that businesses need to adopt when it comes to Business Continuity.
in the 2013 Business Continuity survey, carried out by the Business Continuity Institute it was found that
- 70% of business were concerned about unplanned telecoms outages
- 66% were worried about a data breach
- 65% had fears about a cyber attack
- 53% were troubled by extreme or adverse weather
True business continuity is more than just disaster recovery, it is about ensuring that a business can continue to exist after the disaster has occurred. Disaster recovery can be said to be more focused on technical matters, ensuring that infrastructure and systems are reinstated as soon as possible. Business continuity involves management leadership and helping to focus on the business on what is important.
The maximum tolerable period of disruption, also known as the maximum acceptable outage, is something that every business should be aware of. That is, what is the total amount of time that a business cannot offer its normal services before key stakeholders (can be clients or suppliers) perceive unacceptable consequences.
Perception is the key here. What might be acceptable for one key stakeholder may be totally unacceptable for another. Managing communication during any absence is vital.
An ISO 22301 Business Continuity management system calls for continuous improvement. A certified system gives a business demonstrable evidence to show its clients and key stakeholders that it has prepared itself.
Companies should not only have a business continuity plan but they should test it out. Conducted war games is the perfect way to truly test your readiness. Discipline comes from being well rehearsed and independently assessed.
When assessing the costs to business of implementing a continuity system the costs should be assessed in their totality. Restoration of service is just part of the story. Can you asses what your loss of reputation or loss of potential business is? It is estimated that less than 70% of all businesses who are forced to close for a week or longer would survive.
A well managed business continuity management system can help to identify a company’s shortcomings, create business cases for investment and even help staff towards their developmental goals.
Above all else, a certified ISO 22301 Business Continuity Management System offers businesses a unique selling point. A chance for them to give their clients peace of mind.
If you are ready to talk about protecting your business then please contact Rob Lyons today at RobLyons@certificationeurope.com or phone (01) 6429300 EXT 109.