Expand your BCM insights and abilities. Explore the answers to these common questions about business continuity planning and management to see how they compare with your current experience.
What constitutes a disaster and impact?
A disaster is any event that negatively impacts people, facilities, operations or IT infrastructure, from natural disasters and fires to power outages and human mistakes. Ultimately it is not the disaster that matters but what the impact of that disaster is. Every disaster will have a different impact to your organization. Effective planning revolves around planning for worst-case impacts.
What is the purpose and benefit of BCP?
The purpose of a Business Continuity Planning (BCP) is to mitigate impact both before and after a disaster happens. On the front-end effective risk management provides mitigation of the probability of occurrence of a particular threat or reduction of the probable resultant impact. After a disaster, an effective BCP provides a method for immediate response to the disaster, expedited recovery of critical operations, and restoration of infrastructure to normal operational levels. Having a BC plan ensures that your organization stays competitive, achieves compliance, and can recover quickly in the face of a disaster.
- Resilience. According to Gartner, three out of five enterprises that experience a disaster will go out of business within five years. If anything does happen, you are risking not
- Competitiveness. After a disaster, time is money. Every minute you are not servicing your customers, you lose revenue. Losing customers and a damaged brand compound the problems. Organizations that are truly prepared will be more competitive than those that are not.
- Compliance. There are over 100 regulations that mandate a strong BCP. Not meeting the BCP provisions of these regulations may result in fines or even closure. Government regulations and industry standards may also require you to have a plan.
A BC plan is composed of data that enables these goals and includes the following components:
- Risk Assessment
- Business Impact Analysis
- Business Recovery Plan
- IT Disaster Recovery Plan
- Crisis Management (Response) Plan