Your organisation is a collection of people, processes, systems and various other resources. These different parts of your organisation collaborate every day to interact and facilitate your operations and work cooperatively towards your larger business goals. When you think of how your organisation operates, it’s likely that these thoughts provoke definitions ofa complex organism – with a matrix of components interacting with other components across different levels facilitated by various infrastructure, policies, processes, relationships and technologies.
Let’s say we remove a component – doesn’t matter which one. Could your business still operate? What if we remove a critical component, or more than one component at the same time? What would happen then? Say it was 40% of staff, or email, or your CRM – would your business still be able to function? Would you have the resources and plans in place to be able to still operate successfully? What would a 5-day outage cost your business? If you can’t answer these questions then it might be time to look at your Disaster Recovery (DR) and Business Continuity Plans (BCP).
It’s a sobering thought that most organisations that suffer a significant disaster never recover and as such, don’t survive. The ones that do, havedeveloped plans and made investments in both prevention and continuity planning. Disasters also come in all shapes and sizes – from Distributed Denial of Service (DDos) attacks against online gaming organisations, to earthquakes or floods – your plans need to take different types of threat, the risk they pose, and the disruptions they cause into account.
A Disaster Recovery Plan is used during the period of a disaster and it is intended to minimise the effects of a significant disruption. Disaster Recovery Plans are usually focussed on your technology and may concentrate on what it will take to get critical IT systems back online.
This is quite different from a Disaster Recovery Plan, which takes a higher-level view of the problem. The BCP details the path you need to take to return to normal operation after a significant disaster or long-term outage. It is often focussed on people and processes as well as IT infrastructure and its aim is to reduce business impact by minimising how long key business processes are offline.
There’s no denying that performing Business Continuity Management in an appropriate way is a big investment for any business. But by performing the standardised processes that create your BCP, you not only get to reduce the risks posed to your organisation by various threats, you also get a much greater understanding of the way your business operates and which key processes, people and infrastructure you really can’t do without.
So before you start to look at possible solutions to the problems posed by significant disruptions or outages, you need to get an accurate picture of how your business operates and the processes it relies on. Obviously, this will be different for every business, and therefore, the right solutions will be different for different businesses too. There’s no ‘one-size-fits-all’ solution to BCP – the only solution is a tailored solution. But that doesn’t necessarily mean that every solution is an expensive one.
Key to creating a successful BCP is performing both Business Impact Analyses (BIA) and Risk Assessments, and it’s these analyses that will determine which preventative or continuity measures are right for your business. Essentially the BIA looks at the functional processes of your business and prioritises them according to their criticality to operation. The Risk Assessments look at the possible impact and likelihood of particular threats occurring and disrupting those processes.
These measures will help you determine which types of services you can use to overcome these challenges. Considering all the different dimensions involved in creating a BCP, having a partner that can help lead you through this process and supply appropriate guidance and possible solutions is also invaluable. Nextgen Group can partner with you in this area and provide a range of services including:
Remember, Business Continuity Planning is an iterative process – not something you set once and forget. It might look like a lot of work and expense to get it right, but when you add up the possible consequences of a significant disaster to your business, and consider the number of businesses that never recover from these events, you might discover that it’s more than affordable – it’s a necessity.