The Best Experience a Business-Continuity Analyst Can Bring to the Table
People will ask: “What is the best experience a business-continuity analyst can bring to the table?” Well, one of the biggest things about business continuity is that it revolves around understanding the business process—knowing how an organization works. You can't determine how best to recover an organization until you first understand how that organization normally operates.
When you're looking at skill sets in this vein, the role of the business analyst is really an excellent starting point for the aspiring business-continuity analyst. So now we're looking at exactly what a business continuity analyst does. A business continuity analyst will possess a variety of different skill sets—and they will all fit into business continuity planning and management.
One of the first roles is mapping business processes. A business analyst will typically do this in any one of a few different formats. We use something called the operation blueprint. This essentially maps all of the different steps to the business process. It also then links-up all of the supporting resources. Those would be your information-technology assets, your people, your vendors—essentially anything that would support the operation of each different business process, function or activity.
Typically, you will see some business analysts use Visio to map-out this information, perhaps not in much detail. They would often use swim lane diagrams. They may have used some other software programs in order to do that. So it's really a discipline that requires an understanding of how everything works together.
Another focus that compliments the business-analysis process and the business analyst themselves is having specialization in one of the supporting areas mentioned. Areas like IT, facilities management and vendor management are really helpful, with IT probably the most common one. This skill set really involves understanding how these assets support the operation of the business, and how one helps them do that better. This is really important—knowing how the IT assets can better support an organization. In other words; we're looking at automation, for IT assets that may not be providing value, for single points of vulnerability and failure. That's where we get into risk analysis.
This is also where we go back to the original business analysis. When you're mapping-out business processes, you can also identify the vulnerabilities in those processes at the same time. You may have an excessive number of manual handoffs that occur between business units or along a process itself. The more manual steps there are, the greater the possibility for problems to arise. Also, when you're looking at single points of failure, over-dependence on systems is another concern. While it may be that you want everything all-together—and it’s great to get those economies of scale—we also need to make sure those different areas have resiliency, especially once they're used across the company.