The role of a business continuity plan following a crisis

Business Continuity Planning is

“planning which identifies the organization’s exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, whilst maintaining competitive advantage and value system integrity”

(Elliot, Swartz, & Herbane, 1999).

Business Continuity Management (BCM) is an ongoing state or methodology governing how business is conducted, it is not about having a printed document that contains possible responses to ‘what if’ situations that can be presented to the board and then stored in a filing cabinet, (Standards Australia, 2006). Business Continuity Management is about having an effective process that allows individuals to:

  • Better understand uncertainty about the future;
  • Realise the potential for different types of disruption;
  • Better plan for future management of those disruptions;
  • And to put in place business improvement now to reduce the likelihood and/or consequence of significant future disruption.

Business Continuity plans provide practical strategies to follow in a crisis, e.g. flood, storm, explosion, adverse market or financial circumstances, computer viruses or power outages, (Australian Governement). Following a crisis situation it can be extremely difficult for an organisation to recover, developing plans and strategies at the time of the crisis is impractical and ineffective. A well prepared continuity plan will assist the organisation to stay in business in the event of a disaster.

In the event of a city being struck by a large scale earthquake an organisation with a continuity plan which anticipates this type of crisis and provides methods for recovery will have the ability to better ensure the safety of its people, its property, customer base and reputation. Overall this may give this individual organisation the ability to continue operating through the crisis.

Looking for an example BCM Policy? Feel free to take a copy of the below and modify to suit, make sure you change ‘COMPANY’ to your business name.

 

Business Continuity Management Policy

Date approved: 1st May 2011

Date of next review: 1st May 2012

Aim/Purpose of Policy

This policy provides the principles and responsibilities for responding to disruptions from internal or external events in a way that ensures critical functions are maintained or restored in a timely fashion, whilst minimizing the impact of workers, stakeholders, customers and the general community.

Scope

This policy applies to any major disruption to business operations. All departments within the organization are required to prepare business continuity management plans.

Definitions

Business Continuity Management System (BCMS) The overall management system that establishes, implements, operates, monitors, reviews, maintains and improves business continuity

Business Continuity Plan (BCP) A collection of procedures and information that is developed, compiled and maintained in readiness for use in an incident, emergency or disaster to facilitate resumption of those processes that are essential to the delivery of outputs and achievement of key business objectives

Business Impact Analysis (BIA) The process of identifying impacts that interrupt business processes and the resources required over time in order to return to normal operations

Objectives

In the event of a disruption to business processes, COMPANY aims to meet the following objectives:

  • To ensure adequate resources are available to operate the business to an acceptable level of operation;
  • To ensure the health, welfare and safety of all workers;
  • To maintain customer, employee and stakeholders contact and confidence;
  • To fulfill regulatory requirements;
  • To control expenditure and reduce any extraordinary costs caused by an event.

Principles

  • Business Continuity Management is an integral element in the organisation’s Risk Management processes;
  • COMPANY is committed to the establishment and maintenance of Business Continuity Plans for each worksite.
  • Business Continuity will be managed in accordance with the procedures set out in the organisation’s
  • Regular testing, knowledge development and awareness programs will be undertaken to ensure that staff are familiar with Business Continuity.

Roles and Responsibilities

  • The business leadership team is responsible for overseeing the management and assessment of risk across the organization;
  • Department (Support functions) and Site Managers are the Business Continuity Plan owners with responsibility for ensuring that all critical functions under their responsibility have Business Continuity Plans established, maintained and reviewed.
  • All employees are expected to recognize the important of business continuity, to be familiar with the provisions of this policy and to support the processes that will appropriately manage a serious disruption to operations and business.

Supporting documents

• Risk Management Policy;

Version control and change history

Version control: 1.0

Date effective: April 2011

Approved by: Chief Executive Officer

Amendment: First version

Review

This policy is to be reviewed annually or as business operations change.