5 ESSENTIAL TIPS FOR EFFECTIVE BUSINESS CONTINUITY PLANNING

1. Plan smart, not big!

Throughout my experience, I’ve witnessed countless organisations attempting to plan for every imaginable situation. However, it’s important to acknowledge that it’s simply not feasible to anticipate every single eventuality. Instead of striving for an all-encompassing plan, focus on creating a plan that empowers you to make well-informed decisions in any given scenario. A good plan is one that is practical and useful, providing essential information that aids decision-making. Avoid including unnecessary details that only make the plan cumbersome and impractical. If you find the need for a specific scenario-based plan, ensure it is laser-focused on that particular situation, and most importantly, ensure that everyone comprehends its purpose.

2. Understand what is important and why

In my view, it’s crucial to have a clear understanding of what is truly critical in your business and the dependencies associated with those critical elements. Without this understanding, how can you effectively safeguard your business? You may find yourself dedicating efforts to the wrong areas or unintentionally overlooking dependencies that could have a significant impact. Conducting a Business Impact Analysis (BIA) may require considerable effort and time, but it serves as a valuable shortcut for identifying operational risks that may not surface until an actual incident occurs. It’s of utmost importance that anyone involved in business continuity or operational resilience comprehends the significance of these efforts and fully buys into their purpose.

3. Board engagement is key

Throughout my experience, I have encountered the repeated notion that securing management buy-in is indispensable for a thriving resilience program, and I wholeheartedly agree. Without the endorsement of management, how can we anticipate the rest of the staff to actively participate? It is crucial for employees to recognise that the resilience program is backed and mandated by the board. It is not an optional endeavour but a necessary one in order to safeguard the business. Over time, it becomes ingrained in the culture of the organisation, shaping the way we operate and protect our interests.

Find help to get buy in here

4. You are only as good as your last test!

I firmly believe in the adage “you are only as good as your last test.” It doesn’t matter how impressive your plans may be if you’ve never put them to the test. How can you be certain they will actually work? Furthermore, how can you ensure that your staff knows their roles and responsibilities during an incident? Do they understand the procedures they need to follow? Testing is an invaluable practice that fosters inclusivity and helps individuals grasp their responsibilities in an emergency. It not only boosts their confidence in meeting expectations, but also allows them to practice their response in a controlled environment, free from the fear of making mistakes. Remember, it’s far better to discover any flaws or missing critical data during an exercise than during a real incident when you’re relying on it. Testing is the key to building resilience and ensuring readiness when it matters most.

5. Suppliers

I want to emphasise the significant role that suppliers play in our success. They often provide crucial services and data that are vital to our operations.

It’s important to treat them as an extension of our own business or as an additional department. Taking the time to understand them in detail is essential. Including them in our planning and testing processes is a crucial step towards building a resilient relationship. It ensures that both parties understand the significance of what they provide to us. Equally important is gaining insight into their resilience capabilities and how they would continue to deliver their services in the event of an incident. By involving them in our program and taking the opportunity to develop a deeper understanding, we can foster a stronger and more resilient partnership.

About the author

Colin Jeffs MBCI moved into the realm of business continuity from IT project management where, as part of implementing IT systems, he had to implement resiliency. Colin has worked in business continuity/operational resilience and crisis management for more than 28 years, holding senior roles in these disciplines for many years at major financial institutions in the city of London. Colin now heads up Daisy’s award-winning operational resilience consulting and software division.