Business Continuity Program Management Benchmarking Report

Similar documents
Global Business Barometer April 2008

Global solutions. Local expertise.

Marine. Global Programmes. cunninghamlindsey.com. A Cunningham Lindsey service

SANGAM GLOBAL PHARMACEUTICAL & REGULATORY CONSULTANCY

2018 Edelman Trust Barometer

Market Allocation Platform Guiding investment decisions to maximize ROI. Tourism Economics

WHY UHY? The network for doing business

EQUITY REPORTING & WITHHOLDING. Updated May 2016

2018 Global Survey of Accounting Assumptions. for Defined Benefit Plans. Executive summary

CREDIT INSURANCE. To ensure peace, you must be prepared for war. CREDIT INSURANCE FUNDAMENTAL SOLUTION IN CREDIT RISK MANAGEMENT

Actuarial Supply & Demand. By i.e. muhanna. i.e. muhanna Page 1 of

2013 Global Survey of Accounting Assumptions. for Defined Benefit Plans. Executive Summary

Clinical Trials Insurance

FTSE All-World ex Coal Index Series

World s Best Investment Bank Awards 2018

Balanced Select Portfolio Pn

KPMG s Individual Income Tax and Social Security Rate Survey 2009 TAX

a closer look GLOBAL TAX WEEKLY ISSUE 249 AUGUST 17, 2017

Total Imports by Volume (Gallons per Country)

Total Imports by Volume (Gallons per Country)

Architects & Engineers Professional Liability

International Travel & Tourism Study (Published March 2005)

(ISC)2 Career Impact Survey

FTSE All-World High Dividend Yield

2009 Half Year Results. August 25, 2009

Risks and Opportunities in Global Equities Today BCI Global Investment Conference Tom Mann, CFA Senior Portfolio Manager

Global Select International Select International Select Hedged Emerging Market Select

Balanced Plus Select Portfolio Pn

An FSE Listings Inc Article FSE Listings Inc- Frankfurt Stock Exchange Listings

CBHI: An evolutionary approach to achieving universal coverage in Low-income Countries?

2016 Edelman Trust Barometer. Canada Report

Guide to Treatment of Withholding Tax Rates. January 2018

FTSE All-World ex Fossil Fuels Index Series

World Consumer Income and Expenditure Patterns

WHY UHY? The network for doing business

Total Imports by Volume (Gallons per Country)

EP UNEP/OzL.Pro.WG.1/39/INF/2

Reporting practices for domestic and total debt securities

Planning Global Compensation Budgets for 2018 November 2017 Update

MCL Global. Major & Complex Loss. Global Capabilities. cunninghamlindsey.com

FTSE Global All Cap Index

MERCER SMARTDB TM A SMARTER APPROACH TO MANAGING LONGEVITY RISK

FTSE Global All Cap Index

FTSE All-World ex Fossil Fuels Index Series

International Debt Collection: the 2018 edition of collection complexity

FOREIGN ACTIVITY REPORT

Market Correlation: Emerging Markets MSCI

Total Imports by Volume (Gallons per Country)

FUTURE STATE OF THE INVESTMENT PROFESSION

Economic Development. Business Plan to restated. Accountability Statement

YUM! Brands, Inc. Historical Financial Summary. Second Quarter, 2017

TPA Global Treasury Playbook 2016

San Francisco Retiree Health Care Trust Fund Education Materials on Public Equity

Total Imports by Volume (Gallons per Country)

Summary 715 SUMMARY. Minimum Legal Fee Schedule. Loser Pays Statute. Prohibition Against Legal Advertising / Soliciting of Pro bono

HEALTH WEALTH CAREER 2016 CA MTCS: MERCER TOTAL COMPENSATION SURVEY FOR THE ENERGY SECTOR OVERVIEW AND SURVEY DEFINITIONS

How Do I Wire My Stock Plan Proceeds?

International Tax Conference

Global Consumer Confidence

CEOs Less Optimistic about Global Economy for 2015

EP UNEP/OzL.Pro.WG.1/36/INF/1

% 5% 18% % 23% 20% % 28% 26% % 43% 37% No response... 1% 1% 1% Male... 63% 64% 63% Female...

Auditores & Consultores S.A. Auditoria - Consultoria - Impuestos - Revisoria Fiscal - Outsourcing WHY UHY? The network for doing business

GOING BEYOND CORPORATE PROFILE

Developing Housing Finance Systems

Global Economic Crisis Barometer

Argentina Bahamas Barbados Bermuda Bolivia Brazil British Virgin Islands Canada Cayman Islands Chile

EDHECinfra Broad Market Index Families

Robas Research Private Limited Panel Book

GIPS AND THE ASIAN MARKET. Annie K. Lo, CFA, CIPM, CAIA

Changing the game. Key findings from The Global State of Information Security Survey 2013

Total Imports by Volume (Gallons per Country)

Best Treasury & Cash Management Providers 2017

Total Imports by Volume (Gallons per Country)

FTSE Global Small Cap

FTSE All-World ex Fossil Fuels Index Series

Total Imports by Volume (Gallons per Country)

Total Imports by Volume (Gallons per Country)

WHY UHY? The network for doing business

Total Imports by Volume (Gallons per Country)

Corporate Governance and Investment Performance: An International Comparison. B. Burçin Yurtoglu University of Vienna Department of Economics

Total Imports by Volume (Gallons per Country)

The Use of Bowtie Theory to Develop and Deliver Process Safety Indicators. Alec Harley

Chart Collection for Morning Briefing

CLAIMANT S STATEMENT AND AUTHORIZATION

Total Imports by Volume (Gallons per Country)

HOW TO BE MORE OPPORTUNISTIC

Global Marine Environment Protection (GMEP) Initiative: G20 Response to the oil spill accident at Deepwater Horizon platform in the Gulf of Mexico

Jefferies Global Healthcare Conference

PMITM. The world s leading economic indicator

All-Country Equity Allocator February 2018

Global Exhibition Barometer 13 th edition (July 2014)

Total Imports by Volume (Gallons per Country)

SINGAPORE - FINAL LIST OF MFN EXEMPTIONS (For the Second Package of Commitments) Countries to which the measure applies

Chart Collection for Morning Briefing

Global Forum on Transparency and Exchange of Information for Tax Purposes. Statement of Outcomes

Earning Power: Project Management Salary Survey 10th Edition

Dutch tax treaty overview Q3, 2012

Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development

FTSE Global Small Cap Index

Transcription:

Business Continuity Program Management Benchmarking Report SAMPLE REPORT 2017 Prepared by BC Management, Inc. Benchmarking. Plan Ahead. Be Ahead.

Table of Contents Reporting History 4 Study Methodology 4 Assessment of Data & Reporting 4 Participant Data & Respondent Characteristics ~ An overview of respondent characteristics. 4-10 Business Continuity Program Management Awareness Study Topics 11-48 Program Maturity Integration of Program Managing Dispersed Offices Organizational Reporting Structure Program Sponsorship Program Assessment, Audit and Exercising Plans Budgeting Program maturity ratings 11 How long has your program existed 11 Last time your program was thoroughly updated 12 Status of current program 13 Program centralized with budgeting and staffing 14 Centralization of program and program success 14 Discipline oversight by number of disciplines managed in program 15 Integration of program with other organizational disciplines 16 Accountability of offices/ facilities outside current location under existing program 17 Assessment of managing the business continuity program for dispersed offices/ facilities 17 Assessment of program owner 18 Positioning of program for maximum visibility within organization 19 Considering a different department owner 20 Assessment by job title on who is totally engaged and sponsoring the program 21 Sponsor s level of engagement if a chief officer level or above 22 Sponsor s level of separation from the executive committee 22 Positioning of program for maximum visibility within organization 23 Considering a different level of separation from the executive committee 23-24 Who is responsible for reviewing and approving the BIA results 24 Reviewing and updating the business impact assessment (BIA) 25 Leverage the outcome of the BIA and/ or risk assessments to elevate the program 25 Auditing the program 26 Exercising the plans 26 Exercise the plans for mission critical IT assets, mission critical business functions, mission critical third-parties, less critical IT assets, and less critical business functions 27 Scenarios implemented to exercise the plans 27 How is program expenditures managed 28 Approximate annual program budget for contingency related expenses 28 Approximate annual program budget for contingency related expenses by company revenue 29 Approximate annual program budget for contingency related expenses by management of program expenditures 29 Items included in budget 30 Average percent for each budget line item 30 Percent of respondents indicating each budget line item by management of budget 31 Average percent for each budget line item by management of budget 32 Percent of respondents indicating each budget line item by approximate annual program budget 33 Average percent for each budget line item by approximate annual program budget 33 Budget change in the next year 34 Average percent change for each budget line item 34 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 2

Table of Contents Continued Personnel Consulting Initiatives Financial Loss by Hour Percent of respondents managing program personnel 35 Percent of respondents by number of program personnel 35 Minimum, average, maximum number of personnel involved in business continuity planning 36 Average number of program personnel by number of program disciplines 36 Number of current program personnel by number of company employees 37 Number of current program personnel by company revenues 37 Number of current personnel DEDICATED to program planning efforts across ENTIRE organization by each discipline focus 38 Number of current personnel DEDICATED to program planning efforts under YOUR direction and management by each discipline focus 39 Number of current personnel across ENTIRE organization INVOLVED, but not dedicated to program planning efforts by each discipline focus 40 Hiring initiatives 41 Credentials leading to the best hire 41 Reduction of full-time, permanently employed personnel in next year 42 Primary reason behind a reduction in force in the next year 42 Utilization of contractors 43 Longest engagement time for a contractor 43 Consulting work anticipated in the next year 43-45 Estimated financial loss per hour by downtime 46 Who verifies estimated financial loss per time frame 47 Estimated financial loss traced to insurance policies and coverages 47 Estimated financial loss assist in placement of various insurance policies 47 Policies reviewed for estimated financial loss 47 Reasons for Primary reasons for developing and maintaining a program Planning 48 Thank you to BC Management s International Benchmarking Advisory Board 49 About BC Management, Inc. 49 Sample Report This is a sample BCM Benchmarking report. Please contact BC Management at info@bcmanagement.com if you are interested in receiving a similar report customized to your peers (industry and/or similar size organizations). BCM Peer Industry Report is available for the following industries/ company revenues: Financial - Revenues over $10B Financial - Revenues $1-$10B Financial - Revenues $25M-$1B Financial - Revenues less than $125M Education Government Healthcare - Provider Healthcare - Hospital Insurance Manufacturing Pharmaceutical/ Biotech Retail/ Wholesale Technology Telecommunications Utilities All Industries - Revenues over $10B All Industries - Revenues $1-$10B All Industries - Revenues $500M - $1B All Industries - Revenues $50M - $500M All Industries - Revenues less than $50M

Reporting History Since 2001 BC Management, Inc. has been gathering data on business continuity management programs and compensations to provide professionals with the information they need to elevate their programs. Each year our organization strives to improve upon the study questions, distribution of the study and the reporting of the data collected. Study Methodology The on-line study was developed by the BC Management team in conjunction with the BC Management International Benchmarking Advisory Board. WorldAPP Key Survey, an independent company from BC Management, maintains the study and assesses the data collected. Participants were notified of the study primarily through e-newsletters and notifications from BC Management and from many other industry organizations. Respondents receive a unique path of branching questions, which is dependent upon their experience and current business continuity management initiatives. The advanced study is coded with extensive JAVA script to ensure a correct question branching path and to eliminate unintelligible data. The focus is on business continuity program management initiatives, which includes budgets, dedicated personnel, organizational reporting structure, maturity of the program, exercises, auditing and much more. Only those respondents who manage a program within business continuity or a related discipline qualify to complete the program management related questions. All participants are given the option of keeping their identity confidential. Assessment of Data & Reporting BC Management is continuously reviewing and verifying the data points received in the study. Data points in question are confirmed by contacting the respondent who completed that study. If the respondent did not include their contact information, then their response to the study may be removed. With our fifteen years of expertise in collecting and assessing such data points, BC Management has an exceptional understanding of what is considered questionable or unintelligible data. WorldAPP Key Survey built a customized reporting tool for BC Management, which enables us to prepare customized benchmarking reports based on a client s request. The result is a report that provides a unique understanding on how your program compares to competitors or other similar organizations. Before creating the customized report, we verify the filters selected by the client and confirm the number of respondents that will be included in their customized report. Study respondent contact information remains confidential and is never revealed. The charts and graphs will reflect what respondents answered in the study. If a selection within a question is not selected it will NOT be included in the results. Participant Data & Respondent Characteristics 324 study professionals from 37 countries participated in the study assessment between November 3, 2016 January 23, 2017. Incomplete/ partial study responses were included as appropriate within the report. Complete responses were received from the following countries: Argentina, Australia, Bahrain, Canada, Chile, China, Colombia, Costa-Rica, Croatia, Germany, Greece, Guatemala, India, Indonesia, Ireland, Italy, Jamaica, Japan, Kuwait, Malaysia, Mexico, Netherlands, New Zealand, Pakistan, Panama, Peru, Philippines, Portugal, Qatar, Saudi Arabia, Singapore, Spain, Sweden, Uganda, United Arab Emirates, United Kingdom and United States of America. Aggregate Report Focusing on Selected Industry Highlight of company names include = List of company names will be included here for the Industry BCM Benchmarking Report. Individual company responses are never shared. Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 4

Participant Data & Respondent Characteristics Continued Company Gross Revenue (Before Expenses) in 4 36.4% 35% 31.8% 31.8% 5% Number of Company Locations - Corporate/ Operational Functions (Operational, Financial, Manufacturing, Distribution, etc) 27.3% 18.2% 9.1% 9.1% 9.1% 9.1% 9.1% 9.1% 5% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 5

Participant Data & Respondent Characteristics Continued Number of Company Locations - Retail/ Customer Interfacing (Outlets, Call Centers, Stores, etc) 22.7% 13.6% 13.6% 5% 9.1% 4.5% 9.1% 9.1% 4.5% 4.5% 9.1% Distribution of Company Locations 7 63.6% 6 5 4 Citywide Statewide/ Province 4.5% Regional (within one country) 18.2% National (one country) 13.6% Regional (multi country) Global Number of Company Employees 27.3% 18.2% 13.6% 5% 4.5% 9.1% 9.1% 4.5% 4.5% 9.1% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 6

Participant Data & Respondent Characteristics Continued 5 45% 4 35% 5 36.4% 27.3% 40.9% 36.4% 5 Percent of Respondents by Industry Sum Exceeds 10 due to Multiple Selections 5% 4.5% Aerospace/ Defense Agribusiness 4.5%4.5% Biotechnology Chemical Communications/Media Construction 9.1% Consulting Services Consumer Products Education - K to 12 Education - Higher Education Entertainment Financial - Banking Financial - Brokerage Financial - Credit Card 4.5% Financial - Credit Union Financial - Investment Financial - Mortgage Financial - Other Food Services - Manufacturing & Distribution Food Services - Retail Government - City Government - County Government - State/ Providence Government - National 4.5%4.5% Healthcare/Medical - Service Provider Healthcare/Medical - Hospital Hospitality 13.6%13.6% Insurance - Commercial Lines Insurance - Healthcare 18.2% Insurance - Personal Lines 4.5% 4.5% International Non-Government Organization Internet/E-Business Legal Logistics Manufacturing - Consumer Products Manufacturing - Industrial Manufacturing - Other Marine Non-profit Nuclear/Power Plant 4.5% Oil & Gas Pharmaceutical Real Estate 4.5%4.5% Retail/Wholesale Technology - Cloud Services Technology - Hardware 4.5%4.5% Technology - Services Technology - Software Telecommunications 4.5%4.5% Transportation - Aviation Transportation - Shipping Transportation - Trucking 4.5% Utilities - Energy Utilities - Water 9.1% Other - Please indicate other industry Other Industries Noted Include: Multi-industry data aggregator and distributor and reinsurance/ insurance brokerage/ risk management/ talent management Definition of Program Managed or Work Within 4 35% 33.5% 38.1% 13.7% 14. 5% 0.7% Completely BCM business focused Completely IT/ Resiliency focused More focused on BCM business initiatives More focused on IT/ Resiliency Equally focused on BCM business initiatives and IT/ Resiliency Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 7

Participant Data & Respondent Characteristics Continued Current Level of Job Responsibility Respondents Not Managing a Program Didn't Continue in Study and Answer Questions on Status of Program, Staffing and Expenditures 5 45% 4 35% 5% Entrylevel/Analyst Planner/ Coordinator/ Administrator Solution Architect Subject Matter Expert/ Technologist/ Engineer (Nonmanager) Manager/ Assistant Vice President/ Program Manager Vice President/ Director Regional Manager Global Manager Chief Officer President - President of an organization (Not Professional Consulting) Consultant/ Professional Services Sales/ Marketing/ Product Management - Management - direct staff management. All Respondents 18.2% 27.3% 9.1% 40.9% 4.5% Continued in Study 2 33.3% 46.7% Other Only respondents who managed a program continued with additional study questions pertaining to budget and staff management. Level of Separation from Executive Management Respondents Not Managing a Program Didn't Continue in Study and Answer Questions on Status of Program, Staffing and Expenditures 4 35% 5% 0 1 2 3 4 5 6 7+ All Respondents 9.1% 27.3% 36.4% 13.6% 9.1% 4.5% Continued in Study 13.3% 26.7% 4 13.3% 6.7% Percent of Respondents Managing a Program Respondents Not Managing a Program Didn't Continue in Study and Answer Questions on Status of Program, Staffing and Expenditures 11.1% Yes No 88.9% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 8

Participant Data & Respondent Characteristics Continued Scope of Program Managed Respondents Chose Multiple Answer Options for Multiple Programs 45% 4 35% 5% 42.7% 8.6% 5.2% 8.6% 5.6% 4.3% 22.8% 6.9% 3.4% 19.4% 9.5% 6.5% Yes, I currently manage a program for the entire organization on a global basis. Yes, I currently manage a program for multiple lines of business on a global basis. Yes, I currently manage a program for one line of business on a global basis. Yes, I currently manage a program for the entire organization on a regional (multi-country) basis. Yes, I currently manage a program for multiple lines of business on a regional (multi-country) basis. Yes, I currently manage a program for one line of business on a regional (multi-country) basis. Yes, I currently manage a program for the entire organization on a national basis. Yes, I currently manage a program for multiple lines of business on a national basis. Yes, I currently manage a program for one line of business on a national basis. Yes, I currently manage a program for the entire organization on a regional (within one country) basis. Yes, I currently manage a program for multiple lines of business on a regional (within one country) basis. Yes, I currently manage a program for one line of business on a regional (within one country) basis. Number of Disciplines Managed within Program Average for all Respondents is 5.8 Disciplines Managed in Program 23.7% 20.3% 11.2% 11.2% 14.2% 11.6% 7.8% 5% 1 Discipline 2 Discplines 3 Discplines 4 Discplines 5 Discplines 6-8 Discplines 9+ Discplines Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 9

Participant Data & Respondent Characteristics Continued Disciplines Managed in the Program Respondents Chose Multiple Answer Options for Multiple Disciplines 10 9 90.1% 8 7 68.5% 6 5 47. 47.4% 53. 4 36.6% 26.3% 8.6% 10.3% 17.7% 18.1% 15.1% 11.6% 8.2% 8.2% 8.2% 8.2% 15.1% 15.1% 16.8% 8.6% 9.1% 9.9% 9.9% 6. 7.3% 2.2% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 10

Program Maturity In your opinion, how would you rate the maturity of your program? Please rate on a scale of 1 to 5 with 1 meaning Very Immature and 5 meaning Very Mature. Program Maturity - Self Rating & Index Score 5 45% 4 35% 5% Very Immature/ Initial Program Planning Documentation to Attempt a Repeatable Process Standard Program Planning in Place Managed Program with Quantitative Metrics Very Mature Program striving for Optimization/ Improvement Self Rating 9.5% 38.1% 38.1% 14.3% Index Score Based on Response 5 5 How long has your organization s BCM program been in existence? Program's Existence (With or Without Your Involvement) 28.6% 5% 4.8% 9.5% 14.3% 9.5% 19. 14.3% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 11

When was the last time your program was thoroughly updated? For example, a complete refresh of your methodology or an overhaul of your program tools. Last Time Program was Thoroughly Updated Complete Refresh of Methodology or an Overhaul of Program Tools 5% 10.4% 14. 15.1% 19.4% 20.1% 14.7% 5.4% 1.1% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 12

Please choose all that apply to describe your organization s current continuity program status under your direction and management. Please check all that apply. Current Status of Program Respondents Choose Multiple Selections Current Level of Program Status (Select all that apply) Off-site data recovery only. There are contingency plans in place for IT functions only (i.e., DR only) Critical systems are either resilient or recoverable. Some departments/divisions have business continuity plans. Currently obtaining or have management support and formulating the BCM program framework to include chartering and governance contingency strategies, resiliency needs, recovery objectives, operational and enterprise risk management and crisis management p Currently developing and implementing BC and/or IT DR plans that meet the needs of the organization. Currently conducting regular BIA or risk assessments. Implemented a full functioning, corporate-wide BCM program that meets the organization's identified contingency, resiliency, risk management, emergency management and crisis management needs. 16.2% 31. 31.9% 39.3% 41. 57.6% 53.3% 50.2% Emergency Management/ Crisis Management Planning Status (Select all that apply) Currently assessing the need for an Emergency Operations Center. Currently implementing an Emergency Operations Center. A full functioning Emergency Operations Center is in place. Policies and procedures are in place to interact and coordinate with external agencies in times of a disaster. A Crisis Management process and plan is in place. A Crisis Communications program is in place. 12.2% 12.7% 38.4% 50.7% 61.6% 68.6% Pandemic Preparedness Planning Status (Select all that apply) Currently developing a pandemic preparedness policy. Currently implementing a pandemic preparedness policy. A full functioning pandemic preparedness policy is in place. 12.2% 19.2% 55.9% Enterprise Risk Management Planning Status (Select all that apply) Considering conducting an enterprise risk assessment for the Board and/ or senior management. Currently conducting an enterprise risk assessment for the Board and/ or senior management. Incorporated a full enterprise risk management program with controls in place to avoid or mitigate potential risks. 18.8% 21.8% 43.7% Maintain an assessment and audit schedule of the BCM program to ensure the program is up to date and complete. 45. Assessment/ Audit/ Exercise/ Awareness Status (Select all that apply) Maintain an exercise schedule in order to identify new potential vulnerabilities or weaknesses in the current BCM program. Analyze findings to elevate the program. Exercises involve multiple teams across the organization - not just a single process/ technology recovery. Joint information security and business continuity exercises are conducted. Implemented an awareness and training program to promote and educate the entire organization on the BCM program, including specified roles and responsibilities. Recovery capability reports are shared on a regular basis with the pertinent senior leadership of the organization. 34.1% 42.4% 52.8% 52.4% 61.1% Executive/ Leadership Succession Planning Status (Select all that apply) Currently developing an executive/leadership succession plan. Currently implementing an executive/leadership succession plan. A full functioning executive/leadership succession is in place. 9.2% 26.6% 29.7% 1 2 3 4 5 6 7 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 13

Program Integration Is your program centralized across the organization when considering program expenses and staffing? Centralized Program with Budgeting and Staffing 34.4% 65.6% Yes No Based on your response above, do you believe this organizational structure contributes to the success of your program? Rate on a scale of 1 to 5 with 1 meaning strongly disagree to 5 meaning strongly agree. Does the Organizational Structure Contribute to the Success of Your Program 6 5 4 Strongly Disagree Disagree Neutral Agree Strongly Agree All Respondents 4.4% 7.7% 22.4% 42.6% 22.8% Centralized 1.1% 4.5% 17.5% 49.7% 27.1% Not Centralized 10.8% 14. 31.2% 29. 15.1% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 14

Please specify all the disciplines that you personally manage within the program. Select all that apply. Discipline Oversight within Program by Number of Disciplines Managed within Program 10 9 8 7 6 5 4 1 Discipline 2 Discplines 3 Discplines 4 Discplines 5 Discplines 6-8 Discplines 9+ Discplines Asset Protection/ Loss Prevention Audit 5 6 Business Continuity Process (Business Focus) 10 86% 10 10 10 10 Compliance 6 Crisis Communications 43% 5 10 Crisis Management/ Incident Management 5 86% 5 67% 10 8 Disaster Recovery Process (IT Focus) 10 8 Emergency Management 43% 5 8 Executive Protection 4 Facilities Management 4 Governance, Risk and Compliance (GRC) 4 Health & Safety - Environmental Health & Safety - Occupational Information Technology 75% 6 Media Crisis Management 14% 5 6 Pandemic Planning 5 14% 5 10 10 8 Records Management 4 Risk Management - Enterprise 14% 5 Risk Management - Insurance Risk Management - Operational 5 Security - Cyber 4 Security - Information Security - Physical Succession Planning Supplier Resiliency Third-Party Risk Management (either for all risks or for BCM) 67% 5 6 Other Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 15

How well integrated are the following within your organizational program? Please rate on a scale of 1 to 5 with 1 meaning NO INTEGRATION and 5 meaning COMPLETELY INTEGRATED. *All related enterprise disciplines are listed within the study to accommodate a variety of discipline expertise. Integration of the Business Continuity Program with Organizational Functions Asset Protection/ Loss Prevention Audit Business Unit Participation Change Management Compliance Crisis Communications Crisis Management/ Incident Management Disaster Recovery Process (IT Focus) Emergency Management Executive Protection Facilities Management Governance, Risk and Compliance (GRC) Health & Safety - Environmental Health & Safety - Occupational Human Resources Processes Information Technology Media Crisis Management Pandemic Planning Privacy Public Agencies/ Government Authorities Records Management Risk Management - Enterprise Risk Management - Insurance Risk Management - Operational Security - Cyber Security - Information Security - Physical Senior Management Participation/ Sponsorship Service Level Management Processes Strategic Plan/ Corporate Mission Statement Third-Party Risk Management (either all risks or for BCM) Succession Planning Supplier Resiliency 23% 4 3% 3% 13% 27% 23% 17% 17% 3% 23% 37% 3% 7% 3% 3% 13% 17% 23% 23% 7% 31% 28% 7% 27% 13% 13% 17% 27% 13% 23% 27% 7% 13% 27% 17% 13% 11% 11% 29% 3% 7% 27% 43% 4 7% 27% 13% 23% 37% 34% 24% 45% 17% 37% 23% 3% 17% 55% 5 37% 27% 17% 13% 23% 23% 17% 13% 27% 13% 13% 17% 17% 4 17% 17% 17% 7% 13% 13% 37% 17% 27% 13% 32% 18% 23% 23% 27% 13% 23% 17% 7% 27% 13% 13% 21% 24% 4 5 6 7 8 9 10 No Integration Minimal Integration Partial Integration Effective Integration Completely Integrated Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 16

Managing Dispersed Offices Does your existing program account for offices and/ or facilities outside your current office location under your direction and management? Program Accounts for Offices Outside Your Current Office Location 26.3% Yes No 73.7% Table shows a correlation between two different questions. First Question Within your span of direct management and control, please specify the number of office locations/ facilities accounted for in your existing plans. Second Question How do you manage the program at these locations? Select all that apply. - Total percent may exceed 10 due to multiple selections. Management of Program for Non-Corporate Offices by Number of Non-Corporate Offices Exceeds 10 Due to Multiple Answer Options 10 9 8 7 6 5 4 1-5 6-10 11-50 More than 50 Hire full-time, permanent professionals local to the location(s). 14% Manage program from primary corporate office with periodic travel to location(s). 71% 75% 10 Hire consultants/ independent contractors local to the location(s). 14% Engage professional consulting services local to the location(s). Place expatriate in facility location for specified time period. Hire consultants/ independent contractors not local to the location(s). 14% Engage professional consulting services not local to the location(s). 14% Managed locally with existing resources that are not experienced in the discipline. 43% 5 Corporate team oversees policy and program implementation while locally based employees work part-time to establish plans. 29% 75% Other Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 17

Organizational Reporting Structure Which best describes the reporting structure of the continuity program? Business Continuity Program Department Owner 35% 33.3% 16.7% 5% 6.7% 3.3% 3.3% 3.3% 3.3% 3.3% 6.7% 3.3% 3.3% 3.3% 1 Other Department Owner Noted Includes: Chief Security Office (Cyber, Physical, Resilience) Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 18

The graph below shows a correlation between two different questions. First Question Which best describes the reporting structure of the continuity program? Second Question Under the current department ownership, do you agree that the continuity program is best situated within your organization for maximum visibility? Program Positioned for Maximum Visibility Assurance/ Compliance Audit - Internal Business Continuity Office 10 Corporate Executive Offices 5 5 Corporate Real Estate Emergency/ Crisis Management Environmental Health & Safety Facilities Management Finance 10 Human Resources Information Technology Legal Counsel Operations Program Management Office - Corporate 10 Program Management Office - IT 10 Risk Management 13% 13% 38% 38% Security - Information 10 Security - Physical 10 Strategic Planning Individual business units Other 10 4 5 6 7 8 9 10 Strongly disagree Disagree Neutral Agree Strongly agree Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 19

Is your organization considering a different department owner for the continuity program to maximize visibility? Considering a Different Department Owner? 1 Yes No 9 If no, which department(s) would you prefer? If yes, which department(s) is being considered? Select all that apply. Program Department Owner Change Department Being Considered or Not Considering a Change / Preferred Department Owner - Exceeds 10 due to multiple selections 8 75% 7 6 5 4 4% 27% 4% 27% 4% 8% 4% 4% 38% 4% 8% Yes, Considering a Change Not Considering a Change Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 20

Program Sponsorship Please specify by job title who is totally engaged and sponsoring the continuity program functions. Please select the best response. Who is Totally Engaged & Sponsoring the Program 26.7% 13.3% 13.3% 6.7% 6.7% 6.7% 6.7% 5% 3.3% 3.3% 3.3% 3.3% 3.3% 3.3% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 21

If the program is being sponsored by a Chief Officer or above, is this person really engaged in your opinion? Rate on a scale of 1 to 5 with 1 meaning Very Little Involvement and 5 meaning Very Involved. If a Chief Level or Above, How Involved is this Individual? Chairman of the Board Board/ General Council/ Executive Committee President CEO - Chief Executive Officer CIO/ CTO - Chief Information Officer/ Chief Technology Officer CSO/ CISO - Chief Security Officer/ Chief Information Security Officer CFO - Chief Financial Officer COO - Chief Operating Officer CAO - Chief Administrative Officer CRO - Chief Risk Officer CCO - Chief Compliance Officer CCO - Chief Continuity Officer Other Chief Title 10 10 10 10 5 10 67% 4 5 6 7 8 9 10 Very little involvement Little involvement Neutral Involved Very involved What is the level of separation from the Executive Committee for this individual? Level of Separation from Executive Management 45% 44.4% 4 35% 34.8% 12.2% 5% 5.6% 1.5% 0.7% 0.7% 0 1 2 3 4 5 6+ Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 22

The graph below shows a correlation between two different questions. First Question What is the level of separation from the Executive Committee for this individual? Selection choices include 0 to 6+. Second Question Based on the current level of separation from the Executive Committee, do you agree that the continuity program is best situated within your organization for maximum visibility? Selection choices include strongly disagree, disagree, neutral, agree and strongly agree. Program Best Positioned by Level of Separation from Executive Committee 0 2% 8% 11% 38% 42% 1 2% 17% 44% 17% 2 9% 6% 21% 3 27% 27% 13% 4 75% 5 10 6+ 5 5 4 5 6 7 8 9 10 Strongly disagree Disagree Neutral Agree Strongly agree Is your organization considering a different level of sponsorship for the program to maximize visibility? Considering a Different Level of Separation from Executive Management 5.3% Yes No 94.7% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 23

Which level of separation from the Executive Committee would you prefer? Level of Separation Change Level Being Considered or Not Considering a Change / Preferred Level 10 9 8 7 6 5 4 0 1 2 3 4 5 6+ Yes, Considering a Change 10 Not Considering a Change 33.3% 61.1% 5.6% Program Assessment, Audit & Exercising Who is responsible for reviewing and approving BIA results? (Select all that apply.) Responsible for Reviewing and Approving BIA Results Exceeds 10 due to Multiple Selections 7 63.3% 6 5 4 4 4 2 3 13.3% 3.3% Does not apply You Department leaders Division leaders C-Suite leader who supervises department for which BIA was performed BC Steering Committee C-Suite as an entity Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 24

How often does your company review and update the BIA for organizational processes deemed critical and non-critical? Review & Update BIA for Critical and Non-Critical Organizational Processes 6 5 4 Still in development of program On an as needed basis Every 6 months Annually Every other year Every three years Less often than three years Critical 12.4% 9. 3. 53.2% 10.1% 5.6% 3. 3.7% Non-Critical 11.3% 8.6% 1.5% 40.2% 13.5% 10.5% 4.5% 9.8% Never In your opinion, does your organization leverage the outcome of the BIA and/ or risk assessments to elevate the program? Please rate on a scale of 1 to 5 with 1 meaning Strongly Disagree and 5 meaning Strongly Agree. Leverage the Outcome of the BIA and/or Risk Assessment to Elevate the Program 6 55.2% 5 4 3.4% 3.4% 17.2% 13.8% 6.9% Doesn't apply Strongly disagree Disagree Neutral Agree Strongly agree Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 25

How often do your internal audit department and external auditor review your program? How Often is an Internal & External Audit Conducted on the Program 4 35% 5% Still in development of program On an as needed basis Quarterly Semi-annually Annually Every other year Every three years or more External Audit 10.4% 17.9% 2.2% 1.9% 26.9% 11.2% 11.2% 18.3% Internal Audit 9.4% 12.7% 4.9% 3.4% 37.1% 13.5% 8.2% 10.9% Never Do you exercise your program? Exercise Program 10 Program still in development () Yes No () Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 26

How often do you exercise plans for Mission Critical IT Assets, Mission Critical Business Functions, Mission Critical Third-Parties, Less Critical IT Assets and Less Critical Business Functions? How Often Are Plans Exercised? 8 7 6 5 4 Never On an as needed basis Daily Weekly Monthly Quarterly Twice a year Annually Every other year Less than every other year Mission Critical IT 3. 7.4% 0.4% 2.2% 9.5% 18.2% 54.1% 2.2% 3. Mission Critical Business 2.1% 3.4% 0.4% 1.7% 5.2% 10.3% 70.8% 2.1% 3.9% Mission Critical Third-Parties 32.3% 22. 0.4% 0.4% 0.9% 2.7% 4. 35.4% 1.8% Less Critical IT 13. 28.7% 0.4% 0.9% 2.6% 7. 29.1% 1 8.3% Less Critical Business 17. 20.1% 0.4% 1.7% 3.5% 39.7% 10.5% 7. What type of scenarios have you implemented to exercise your plans? Select all that apply. - Total percent will exceed 10 due to multiple selections. Scenarios Implemented to Exercise Plans Respondents Chose Multiple Answer Options for Multiple Exercise Scenarios 10 9 8 7 6 5 4 44.4% 94.4% 88.9% 44.4% 83.3% 88.9% 5 61.1% 44.4% 16.7% 33.3% 61.1% 11.1% 61.1% 11.1% 72.2% 88.9% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 27

Budgeting Describe how continuity program expenses are budgeted under your direction and management? Budgeting of Program Expenses 46.5% 5 45% 4 35% 5% Program expenses are allocated independently from other functions within the organization (E. G., you own the budget). 19.2% Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). 7. Program expenses are allocated independently from other functions within the organization (E. G., you own the budget) & Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). 27.2% No, program expenses are not tracked. What is your company's approximate/ estimated annual budget for contingency related program expenses? Please specify budget information in US Dollars and consider everything (personnel, consulting services, alternate recovery sites, emergency operating centers, emergency supplies, hardware, DR technology, vendor services, exercises, training, travel and other expenses) within the budget under YOUR direction and management. Approximate Annual Budget for Contingency Related Program Expenses - 19.9% 18% 16% 14% 13.3% 12% 8% 6% 4% 2% 9.5% 5.2% 6.2% 5.2% 9.5% 8.1% 5.7% 3.8% 5.7% 2.4% 3.3% 0.5% 0.5% 1.4% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 28

The graph below shows a correlation between two different questions. First Question What is your organization's approximate annual NET revenue? Please specify in US Dollars. Second Question What is your company's approximate/ estimated annual budget for contingency related program expenses? Please specify in US Dollars. 10 9 8 7 6 5 4 Approximate Annual Budget for Contingency Related Program Expenses by Company Revenue - Under $10,000 $10,000 - $50,000 $50,000 - $100,000 $100,000 - $150,000 $150,000 - $200,000 $200,000 - $500,000 $500,000 - $750,000 Not applicable (government/non-profit) Less than $5,000,000 ($5 Million) 10 $5,000,000 - $10,000,000 ($5-$10 Million) 5 5 $10,000,000 - $25,000,000 ($10-$25 Million) 10 $25,000,000 - $50,000,000 ($25-$50 Million) 10 $50,000,000 - $100,000,000 ($50-$100 Million) $100,000,000 - $250,000,000 ($100-$250 Million) 5 5 $250,000,000 - $500,000,000 ($250-$500 Million) $500,000,000 - $1,000,000,000 ($500 Million-$1 Billion) 4 $1,000,000,000 - $5,000,000,000 ($1-$5 Billion) 5 17% 17% 17% $5,000,000,000 - $10,000,000,000 ($5-$10 Billion) 5 5 $10,000,000,000 - $20,000,000,000 ($10-$20 Billion) 5 5 $20,000,000,000 - $50,000,000,000 ($20-$50 Billion) Over $50,000,000,000 ($50 Billion) $750,000 - $1,000,000 $1,000,000 - $1,500,000 $1,500,000 - $2,000,000 $2,000,000 - $3,000,000 $3,000,000 - $5,000,000 $5,000,000 - $11,000,000 $11,000,000 - $15,000,000 $15,000,000 - $20,000,000 Over $20,000,000 The graph below shows a correlation between two different questions. First Question Describe how continuity program expenses are budgeted under your direction and management? Second Question What is your company's approximate/ estimated annual budget for contingency related program expenses? Please specify in US Dollars. Approximate Annual Budget for Contingency Related Program Expenses by Program Budget Definition 10 9 8 7 6 5 4 Program expenses are allocated independently from other functions within the organization (E. G., you own the budget). Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). Program expenses are allocated independently from other functions within the organization (E. G., you own the budget) & Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). No, program expenses are not tracked. Under $10,000 10 $10,000 - $50,000 10 $50,000 - $100,000 $100,000 - $150,000 5 5 $150,000 - $200,000 5 5 $200,000 - $500,000 43% 29% 29% $500,000 - $750,000 10 $750,000 - $1,000,000 10 $1,000,000 - $1,500,000 10 $1,500,000 - $2,000,000 10 $2,000,000 - $3,000,000 5 5 $3,000,000 - $5,000,000 $5,000,000 - $11,000,000 10 $11,000,000 - $15,000,000 $15,000,000 - $20,000,000 Over $20,000,000 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 29

Please specify what is accounted for in your annual budget. Please check box if the line item is currently included in your program budget. Percent of Respondents Indicating Budget Item in Total Budget Exceeds 10 due to Multiple Selections 8 78.2% 7 64.9% 65.4% 64.5% 63.5% 6 51.7% 5 44.1% 41.7% 4 18. 22.7% 33.2% 26.5% 26.5% 20.4% 15.2% 26.5% 2.8% What is the percent for each budget line item within the program budget? Average Percent per Budget Line Item 6 5 4 53.1% 41.4% 21.5% 9.3% 14.7% 9.2% 5.9% 1.9% 1.9% 1.7% 15.1% 3.5% 24.2% 5.6% 11.7% 1.8% 15.2% 5.5% 7.5% 3.4% 1. 8.9% 20.6% 9.5% 4.9% 5.8% 8.5% 5.2% 5.1% 3.1% 25.1% 5.6% 3.4% 0.7% All Respondents If Included in Budget Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 30

The graph below shows a correlation between two different questions. First Question Describe how continuity program expenses are budgeted under your direction and management? Second Question Please specify what is accounted for in your annual budget. Please check box if the line item is currently included in your program budget. Percent of Respondents Indicating Budget Item in Total Budget by Program Budget Definition 10 9 8 7 6 5 4 Program expenses are allocated independently from other functions within the organization (E. G., you own the budget). Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). Program expenses are allocated independently from other functions within the organization (E. G., you own the budget) & Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). No, program expenses are not tracked. Full Time Internal Staff 83% 10 5 67% Consultants/ Contractors (Business focus) 5 5 Consultants/ Contractors (IT focus) 8% Emergency Operations Center (EOC) 8% 17% Emergency Supplies 5 75% Hardware 17% Hot-site/ Outsourced Alternate Site 58% 17% Internal Recovery Site 17% 75% Software 58% 67% Notification/ Alerts 67% 67% 5 Mobile Recovery 17% DR Technology 8% 5 Exercises 75% 10 75% 83% Training /Awareness 75% 10 75% 5 Travel 92% 67% 5 5 Personnel Development (E.G. certifications, conferences, etc.) 92% 67% 75% 5 Other Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 31

The graph below shows a correlation between two different questions. First Question Describe how continuity program expenses are budgeted under your direction and management? Second Question What is the percent for each budget line item within the program budget? Average Percent for each Budget Line Item by Program Budget Definition Equals 10 for each Program Budget Definition 8 7 6 5 4 Program expenses are allocated independently from other functions within the organization (E. G., you own the budget). Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). Program expenses are allocated independently from other functions within the organization (E. G., you own the budget) & Program expenses are allocated to other department(s) (E. G., you have to get the budget from others). No, program expenses are not tracked. Full Time Internal Staff 55% 79% 34% 32% Consultants/ Contractors (Business focus) 3% 2% 3% Consultants/ Contractors (IT focus) 2% 2% Emergency Operations Center (EOC) Emergency Supplies 2% Hardware 2% 4% Hot-site/ Outsourced Alternate Site 14% 13% Internal Recovery Site 2% Software 1% 1% 4% Notification/ Alerts 3% 3% 1% Mobile Recovery 2% DR Technology 1% 5% Exercises 3% 5% 6% Training /Awareness 2% 3% 1% 2% Travel 3% 5% 2% 1% Personnel Development (E.G. certifications, conferences, etc.) 2% 1% 2% 3% Other Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 32

The graph below shows a correlation between two different questions. First Question What is your company's approximate/ estimated annual budget for contingency related program expenses? Please specify in US Dollars. Second Question Please specify what is accounted for in your annual budget. Please check box if the line item is currently included in your program budget. Percent of Respondents Indicating Budget Item in Total Budget by Approximate Annual Program Budget 10 9 8 7 6 5 4 Under $10,000 $10,000 - $50,000 $50,000 - $100,000 $100,000 - $150,000 $150,000 - $200,000 $200,000 - $500,000 $500,000 - $750,000 $750,000 - $1,000,000 $1,000,000 - $1,500,000 $1,500,000 - $2,000,000 $2,000,000 - $3,000,000 $3,000,000 - $5,000,000 Full Time Internal Staff 10 10 10 10 10 10 10 10 10 Consultants/ Contractors (Business focus) 10 10 5 10 10 5 10 Consultants/ Contractors (IT focus) 10 5 10 5 10 Emergency Operations Center (EOC) 5 10 10 10 Emergency Supplies 10 5 10 10 5 Hardware 10 10 10 10 10 Hot-site/ Outsourced Alternate Site 10 10 10 5 Internal Recovery Site 10 10 10 10 5 Software 10 10 10 10 10 10 10 Notification/ Alerts 10 10 10 10 10 5 10 10 5 10 Mobile Recovery 10 10 10 5 DR Technology 10 5 10 5 5 Exercises 10 10 10 10 5 10 10 10 10 Training /Awareness 10 10 10 10 5 10 10 10 10 Travel 10 10 10 10 10 10 10 10 10 Personnel Development (E.G. certifications, conferences, etc.) 10 10 10 10 5 10 10 10 10 Other $5,000,000 - $11,000,000 $11,000,000 - $15,000,000 - $15,000,000 $20,000,000 Over $20,000,000 The graph below shows a correlation between two different questions. First Question What is your company's approximate/ estimated annual budget for contingency related program expenses? Please specify in US Dollars. Second Question Please specify what is accounted for in your annual budget. Please check box if the line item is currently included in your program budget. 10 9 8 7 6 5 4 Average Percent for each Budget Line Item by Approximate Annual Program Budget Equals 10 for each Program Budget Definition Under $10,000 $10,000 - $50,000 $50,000 - $100,000 $100,000 - $150,000 $150,000 - $200,000 $200,000 - $500,000 $500,000 - $750,000 $750,000 - $1,000,000 $1,000,000 - $1,500,000 $1,500,000 - $2,000,000 $2,000,000 - $3,000,000 $3,000,000 - $5,000,000 Full Time Internal Staff 45% 77% 45% 6 58% 88% 65% 9% 66% Consultants/ Contractors (Business focus) 5% 3% 1% 6% 5% Consultants/ Contractors (IT focus) 1% 4% 5% Emergency Operations Center (EOC) 1% Emergency Supplies 1% 3% Hardware 4% 4% Hot-site/ Outsourced Alternate Site 4 2% 5% 76% Internal Recovery Site 18% Software 8% 8% 8% 1% 2% Notification/ Alerts 2% 3% 5% 3% 5% Mobile Recovery 1% 5% 2% DR Technology 5% 4% 1% Exercises 10 75% 4% 4% 8% 3% 3% 5% 2% 3% Training /Awareness 2% 1% 4% 3% 5% 1% 2% Travel 2% 2% 8% 1% 3% 5% 2% Personnel Development (E.G. certifications, conferences, etc.) 1% 2% 3% 1% 3% 5% 1% 2% Other $5,000,000 - $11,000,000 Over $11,000,000 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 33

The graph below shows a correlation between two different questions. First Question Please specify what is accounted for in your annual budget. Please check box if the line item is currently included in your program budget. Second Question Please specify budget revisions for the next year for each budget line item Increase, Decrease, Remain the Same, or Not Sure. Change in Budget by Budget Line Item 10 9 8 7 3% 19% 14% 13% 7% 4% 8% 12% 3% 17% 4% 4% 19% 13% 13% 4% 4% 11% 7% 16% 16% 3% 3% 5% 8% 9% 11% 12% 6 5 4 75% 62% 5 84% 9 75% 69% 56% 82% 87% 85% 68% 87% 84% 77% 79% 8 4% 29% 4% 8% 19% 2% 2% 1% 3% 6% 3% Full Time Internal Staff Consultants/ Contractors (Business focus) Consultants/ Contractors (IT focus) Emergency Operations Center (EOC) Emergency Supplies Hardware Hot-site/ Outsourced Alternate Site Internal Recovery Site Software Notification/ Alerts Mobile Recovery DR Technology Exercises Training /Awareness Travel Personnel Development (E.G. certifications, conferences, etc.) Other Decrease Remain the Same Increase Not sure For each line item, if the budget increased or decreased then what percent do you anticipate the budget for that line item to increase or decrease in the next year? 5 45% 4 35% 5% 2 Average Change in Budget by Budget Line Item 5 5. Decrease Increase Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 34

Personnel Program Staff Management 14.3% Manage Personnel Do Not Manage Personnel 85.7% How many company personnel are dedicated (majority of their job responsibilities) and/or involved (minority of their job responsibilities) in the continuity program? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. - Number of current personnel DEDICATED across your ENTIRE organization? - Number of current personnel DEDICATED under YOUR direction and management? - Number of current personnel across entire organization INVOLVED, but NOT DEDICATED? Percent of Respondents by Number of Program Personnel 35% 5% Number of current personnel DEDICATED across your ENTIRE organization to Program Planning Efforts Number of current personnel DEDICATED to Program Planning Efforts under YOUR direction and management Number of current personnel across entire organization INVOLVED, but NOT DEDICATED to Program Planning Efforts Less than 1 1 to less than 2 2 to less than 3 3 to less than 4 4 to less than 5 5 to less than 7 7 to less than 10 10 to less than 15 15 to less than 20 20 to less than 30 30 to less than 50 50 to less than 100 100 and greater 17.4% 17.4% 21.7% 8.7% 4.3% 8.7% 4.3% 4.3% 8.7% 4.3% 23.1% 30.8% 23.1% 7.7% 7.7% 7.7% 12.5% 4.2% 4.2% 4.2% 8.3% 4.2% 4.2% 4.2% 29.2% 25. Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 35

Minimum, Average and Maximum Number of Personnel 700 600 500 400 300 200 100 0 Number of current personnel DEDICATED across your ENTIRE organization to Program Planning Efforts Number of current personnel DEDICATED to Program Planning Efforts under YOUR direction and management Number of current personnel across entire organization INVOLVED, but NOT DEDICATED to Program Planning Efforts Minimum 1 1 0 Average 23.4 7.8 181.6 Maximum 66 17 608 The graph below shows a correlation between two different questions. First Question Please specify all the disciplines that you personally manage. Select all that apply. Second Question How many company personnel are dedicated (majority of their job responsibilities) and/or involved (minority of their job responsibilities) in the continuity program? (Number of disciplines is calculated by summing the number of selected disciplines per each study participant.) Average Number of Program Personnel by Number of Program Disciplines 350 300 250 200 150 100 50 Average number of current personnel DEDICATED across your ENTIRE organization to Program Planning Efforts Average number of current personnel DEDICATED to Program Planning Efforts under YOUR direction and management Average number of current personnel across entire organization INVOLVED, but NOT DEDICATED to Program Planning Efforts 0 1 Discipline 2 Disciplines 3 Disciplines 4 Disciplines 5 Disciplines 6-8 Disciplines 9+ Disciplines 2.0 3.0 12.9 17.0 5.7 4.3 2.3 1.0 2.5 4.0 1.5 5.0 2.0 101.0 68.0 42.9 1.5 339.3 62.8 47.5 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 36

The graph below shows a correlation between two different questions. First Question How many people are employed within your organization (all locations)? Second Question How many company personnel are dedicated (majority of their job responsibilities) and/or involved (minority of their job responsibilities) in the continuity program? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. Average Number of Current Program Personnel by Number of Company Employees 350 300 250 200 150 100 50 Average number of current personnel DEDICATED across your ENTIRE organization to Program Planning Efforts Average number of current personnel DEDICATED to Program Planning Efforts under YOUR direction and management Average number of current personnel across entire organization INVOLVED, but NOT DEDICATED to Program Planning Efforts 0 Less than 499 500-1,999 2,000-4,999 5,000-9,999 10,000-19,999 20,000-44,999 45,000-99,999 1.0 1.9 4.0 3.5 20.0 26.5 11.3 2.3 3.3 3.0 6.0 1.0 1.0 5.0 72.4 103.1 20.0 74.0 338.0 100.8 100,000-199,999 More than 200,000 The graph below shows a correlation between two different questions. First Question What is your organization s approximate annual GROSS revenue (before expenses) -? Second Question How many company personnel are dedicated (majority of their job responsibilities) and/or involved (minority of their job responsibilities) in the continuity program? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. Average Number of Current Program Personnel by Company Revenues 250 200 150 100 50 0 Average Number of current personnel DEDICATED across your ENTIRE organization to Program Planning Efforts Average number of current personnel DEDICATED to Program Planning Efforts under YOUR direction and management Average number of current personnel across entire organization INVOLVED, but NOT DEDICATED to Program Planning Efforts Not applicable (government/non-profit) Less than $5,000,000 ($5 Million) 1.0 5.0 $5,000,000 - $10,000,000 ($5-$10 Million) 9.5 1.0 2.0 $10,000,000 - $25,000,000 ($10-$25 Million) 3.0 3.0 6.0 $25,000,000 - $50,000,000 ($25-$50 Million) 2.0 2.0 99.0 $50,000,000 - $100,000,000 ($50-$100 Million) $100,000,000 - $250,000,000 ($100-$250 Million) 3.0 2.0 100.0 $250,000,000 - $500,000,000 ($250-$500 Million) $500,000,000 - $1,000,000,000 ($500 Million-$1 Billion) 2.3 2.0 96.5 $1,000,000,000 - $5,000,000,000 ($1-$5 Billion) 3.7 4.0 65.0 $5,000,000,000 - $10,000,000,000 ($5-$10 Billion) 3.5 3.0 105.0 $10,000,000,000 - $20,000,000,000 ($10-$20 Billion) 14.5 25.0 $20,000,000,000 - $50,000,000,000 ($20-$50 Billion) 24.3 3.5 250.0 Over $50,000,000,000 ($50 Billion) Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 37

The table below shows a correlation between two different questions. First Question Please specify all the disciplines that you personally manage. Select all that apply. (Selections auto fill to the personnel question later in the study.) Second Question How many company personnel are DEDICATED across your ENTIRE organization? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. - Multiple disciplines? - More than one of the program disciplines, if you selected multiple disciplines. (Ex: An employee may work in both business continuity and disaster recovery.) and/or - Uniquely to a discipline? - One of the program disciplines you selected. (Ex: One employee may work in business continuity and another may work in security - information, but neither of them works in both as a majority of their responsibilities.) Average Number of Current Personnel DEDICATED to Program Planning Efforts across the ENTIRE Organization by Number of Program Disciplines 1 Discipline 2 Disciplines 3 Disciplines 4 Disciplines 5 Disciplines 6-8 Disciplines 9+ Disciplines Number of personnel dedicated to more than one discipline 3.0 3.0 6.7 12.0 3.7 6.3 1.7 Asset Protection/ Loss Prevention Audit 3.0 Business Continuity Process (Business Focus) 5.0 3.0 1.0 Compliance Crisis Communications 16.0 Crisis Management/ Incident Management 4.0 1.0 Disaster Recovery Process (IT Focus) 1.0 1.0 3.0 Emergency Management 20.0 1.0 Executive Protection Facilities Management Governance, Risk and Compliance (GRC) Health & Safety - Environmental Health & Safety - Occupational Information Technology Media Crisis Management 2.0 Pandemic Planning Records Management Risk Management - Enterprise Risk Management - Insurance Risk Management - Operational Security - Cyber Security - Information Security - Physical Succession Planning Supplier Resiliency Third-Party Risk Management (either all risks or for BCM) Other Total 2.0 3.0 12.9 17.0 5.7 6.3 2.3 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 38

The table below shows a correlation between two different questions. First Question Please specify all the disciplines that you personally manage. Select all that apply. (Selections auto fill to the personnel question later in the study.) Second Question How many company personnel are DEDICATED under YOUR direction and management? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. - Multiple disciplines? - More than one of the program disciplines, if you selected multiple disciplines. (Ex: An employee may work in both business continuity and disaster recovery.) and/or - Uniquely to a discipline? - One of the program disciplines you selected. (Ex: One employee may work in business continuity and another may work in security - information, but neither of them works in both as a majority of their responsibilities.) Number of Current Personnel DEDICATED to Program Planning Efforts under YOUR Direction & Management by Number of Program Disciplines 1 Discipline 2 Disciplines 3 Disciplines 4 Disciplines 5 Disciplines 6-8 Disciplines 9+ Disciplines Number of personnel dedicated to more than one discipline 2.6 0.5 1.9 1.7 2.2 4.0 3.1 Asset Protection/ Loss Prevention 1.3 Audit 9.0 0.7 Business Continuity Process (Business Focus) 1.6 1.0 3.0 0.8 1.0 0.3 0.3 Compliance 0.5 0.8 Crisis Communications 0.1 1.4 Crisis Management/ Incident Management 1.0 1.7 Disaster Recovery Process (IT Focus) 1.0 0.1 1.6 Emergency Management 1.0 0.2 Executive Protection Facilities Management Governance, Risk and Compliance (GRC) 1.0 0.2 0.3 Health & Safety - Environmental 0.3 Health & Safety - Occupational 0.3 Information Technology 1.0 2.3 Media Crisis Management Pandemic Planning 1.0 Records Management Risk Management - Enterprise 0.3 0.2 Risk Management - Insurance 2.0 1.0 Risk Management - Operational 0.5 0.5 Security - Cyber Security - Information 1.0 0.5 Security - Physical 1.0 1.0 1.0 Succession Planning 1.0 1.0 Supplier Resiliency 2.0 Third-Party Risk Management (either all risks or for BCM) 2.0 7.0 0.7 3.0 Other Total 2.3 0.8 2.0 1.9 2.1 3.8 4.4 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 39

The table below shows a correlation between two different questions. First Question Please specify all the disciplines that you personally manage. Select all that apply. (Selections auto fill to the personnel question later in the study.) Second Question How many company personnel across entire organization INVOLVED, but NOT DEDICATED? If a company employee is a part-time, permanent employee, please list as 0.5. DO NOT INCLUDE CONSULTING/CONTRACT PERSONNEL. This question will be later in study. - Multiple disciplines? - More than one of the program disciplines, if you selected multiple disciplines. (Ex: An employee may work in both business continuity and disaster recovery.) and/or - Uniquely to a discipline? - One of the program disciplines you selected. (Ex: One employee may work in business continuity and another may work in security - information, but neither of them work in both as a majority of their responsibilities.) Number of Current Personnel Across the Entire Organization INVOLVED, but NOT DEDICATED to Program Planning Efforts by Number of Program Disciplines 1 Discipline 2 Disciplines 3 Disciplines 4 Disciplines 5 Disciplines 6-8 Disciplines 9+ Disciplines Number of personnel dedicated to more than one discipline 164.6 21.7 80.5 102.0 91.1 26.5 78.3 Asset Protection/ Loss Prevention 20.0 Audit 23.3 Business Continuity Process (Business Focus) 26.4 20.3 45.7 694.3 135.6 27.5 22.3 Compliance 15.0 2.6 25.3 Crisis Communications 3.0 14.5 5.0 2.0 2.0 11.4 Crisis Management/ Incident Management 21.8 86.7 72.3 4.6 12.1 Disaster Recovery Process (IT Focus) 600.0 19.7 1500.0 84.3 14.6 56.3 Emergency Management 3.0 11.6 503.3 4.0 27.2 13.4 Executive Protection 8.3 Facilities Management 2.0 10.3 Governance, Risk and Compliance (GRC) 1.0 11.8 Health & Safety - Environmental 0.3 Health & Safety - Occupational 5.0 5.0 Information Technology 8.0 6.5 16.0 Media Crisis Management 1.5 5.0 Pandemic Planning 8.0 4.5 0.7 1.8 4.0 Records Management 1.0 15.0 Risk Management - Enterprise 2.5 0.3 Risk Management - Insurance 2.0 Risk Management - Operational 2.5 3.0 3.0 6.5 Security - Cyber Security - Information 6.0 1.0 3.5 Security - Physical 1.0 0.5 Succession Planning 4.0 4.0 Supplier Resiliency 250.0 2.0 5.5 Third-Party Risk Management (either all risks or for BCM) 15.0 1017.7 4.0 3.5 5.8 Other Total 181.9 24.9 80.8 448.6 139.7 40.2 99.0 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 40

Will you be hiring employees under YOUR direction and management in the next year? Hiring Employees Under Your Direct Management in the Next Year 6 56. 5 36. 4 8. Yes Not Sure No How many employees will you be hiring in the next year under your direction and management? Number of Prospect New Hires Under Direct Management in the Next Year 8.0 8 7 6 5 4 3 2 1 0 0.5 Minimum Average Maximum 2.0 If you have previously hired staff, (in your opinion) what credentials/experience resulted in the best hires for your program? Please rate on a scale of 1 to 5 with 1 meaning Very Ineffective and 5 meaning Very Effective. What Credentials Lead to the Best Hire 10 9 8 8% 22% 22% 39% 11% 11% 8% 21% 27% 31% 14% 28% 3% 14% 7 42% 39% 42% 36% 58% 32% 6 5 4 4 47% 45% 53% 54% 47% 39% 43% 36% 35% 22% 29% 19% 21% 16% 16% 16% 11% 12% 11% 8% 7% 3% 2% 3% 3% 2% 3% 3% 1% 3% 6% 3% 34% 23% 8% 38% 53% 32% 31% 35% 17% 11% 1% 7% 2% 1% 1% 1% 32% 19% Very Effective Effective Partially Effective Little Effect Not Effective Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 41

Will you be reducing your full-time dedicated continuity program staff in the next year under your direction and management? If yes, how many are you expecting to release? Reduction in Personnel in Next Year 7 69.3% 6 5 4 28.3% Not Sure 1.4% 0.9% None 1 2 3 4 5 6-10 11-15 More than 20 If yes, what are the reasons for reducing your dedicated continuity program staff in the next year? Please select all that apply. * Total percent may exceed 10 due to multiple selections. If Yes or Not Sure, Reasons for Reducing Personnel in Next Year Exceeds 10 due to Multiple Selections 10 9 8 7 6 5 4 10 10 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 42

Consulting Initiatives How many contractors do you currently employ for your program under your direction and management? Contractors/ Consultants Currently Retained under YOUR Direction and Management 8 76. 7 6 5 4 None - does not apply 2 4. 1 2 3 4 5 6-10 11-20 More than 20 If yes, what is the length of the contract for the longest contractor? Length of Longest Contract for a Contractor/ Consultant under YOUR Direction and Management 35% 33.3% 19.3% 5% 5.3% 8.8% 8.8% 8.8% 12.3% 1.8% 1.8% Less than 3 months 3-5 months 6-8 months 9-12 months 1-1.5 years 1.5-2 years 2-3 years 3-4 years Over 4 years Will you be engaging in consulting work in the next year for your program under your direction and management? Consulting Work in Next Year 14.3% Yes No 85.7% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 43

Which of the following COMPLIANCE/ STANDARD consulting initiatives are you planning for the next year? (Check all that apply.) - Total percent may exceed 10 due to multiple selections. Compliance/ Standard Consulting Initiatives in Next Year 2015 ABS Outsourced Service Provider Audit Report (ABS - Association of Banks in Singapore) ASIS/BSI BCM standard ASIS SPC. 1-2009 Organizational Resiliency Australian Business Continuity Standard AS/NZS 5050:2010 BS25777 BS 31100 (Risk Management) BASEL II Business Continuity Institute (BCI) Good Practice Guidelines Carnegie Mellon CERT-RMM Circular No. G-139-2009 (Peru) Managing business continuity COBIT CSA Z1600 (Canadian Version of NFPA 1600) DRI International Professional Practices External Circular 048 (Colombia) - Rules for the Operational Risk Management FFIEC - Federal Financial Institutions Examination Council FINRA Guidelines - Financial Industry Regulatory Authority FISMA - Federal Information Security Management Act FRB - Federal Reserve Board FSA Business Continuity Practices Guide - Financial Services Authority Gramm Leach Bliley Act (GLBA) HB 167:2006 - Security Risk Management (Australia Standard) HB 203:2006 - Environmental Risk Management (Australia Standard) HB 221:2004 (Australia Standard) HB 292-2006 (Australia Standard) HB 436:2004 - Risk Management (Australia Standard) Health Insurance Portability and Accountability Act (HIPAA) Hong Kong Monetary Authority ISO 9000 Fundamentals and Vocabulary of Quality Systems ISO 9001 Quality Management ISO 14001 Environmental Management ISO 20000 IT Service Management ISO 22301/313 (Previously BS25999) ISO 27001 Information Security ISO/IEC 24762 Information Technology - Security Techniques ISO/IEC 27031:2011 Information Technology - Security Techniques ITIL v. 3 Service Continuity Joint Commission (Hospitals) Local Banking Superintendency Requirement 2003 MAS BCM Guidelines (Singapore) (MAS - Monetary Authority of Singapore) 2004 MAS Guidelines on Outsourcing (Singapore) 2013 MAS Technology Risk Management Guidelines (Singapore) MS 1970 (Malaysia Standard) NAIC Model Audit Rule (MAR) NCUA 12CFR Part 748 NERC CIP Standards NFPA 1600 NYSE 446/NASD 3500 OCC - Office of the Comptroller of the Currency OSHA Compliance Patriot Act Prudential Standard APS 232 on BCM (Australia) Prudential Standard GPS 222 on BCM (Australia) Prudential Standard LPS 232 on BCM (Australia) Sarbanes Oxley SAS70 SAS70-1 SEC Regulations SIFMA Business Continuity Practice Guidelines SS540/ TR19 (Singapore Standard) SSAE16 SOC2 Title IX UAE National Standards US Government NIST Standards Other 2 2 2 2 2 2 2 5% 35% 4 4 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 44

Which of the following ASSESSMENT, BC PROGRAM (business processes) and DR PROGRAM (information technology) consulting initiatives are you planning for the next year? (Check all that apply.) - Total percent may exceed 10 due to multiple selections. Program Planning Consulting Initiatives in Next Year If Planning on Consulting Initiatives ASSESSMENT consulting initiatives BC PROGRAM (business processes) consulting initiatives DR PROGRAM (information technology) consulting initiatives GENERAL consulting initiatives Assess/ measure program effectiveness - dashboards - scorecards BIA Technical Gap analysis Risk Assessment - Operational Facility Evaluation/ Risk Assessment Maturity Model Assessment Other Development Implementation Documentation Exercise Awareness Crisis Management (Emergency Operations Center) Emergency Management Pandemic Planning Program Maturity Assessment Third-party Risk Management Other Development Implementation Documentation Exercise Back-up/Resiliency High availability/ Operational Resilience Program Maturity Assessment Other Audit/ Maturity Assessment BCM Policy Customer Training Cyber Risk Executive Buy-in Exercise Design Media/ Event Planning Operational Risk Project Management Recommendations/ Program Improvements Strategic Planning Software Implementation Software Support Software Upgrade Software Product Migration - one to another Vendor Assessment Other 2 25. 25. 25. 25. 25. 4 4 5 5 5 5 5 5 5 6 66.7% 66.7% 66.7% 75. 75. 75. 75. 4 5 6 7 8 9 10 10 10 10 10 10 Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 45

Financial Loss by Downtime What is your organization's estimated financial loss PER HOUR of downtime? Consider your organization's MOST CRITICAL function(s) NOT operating. Please select by time of downtime. Be sure to consider ALL potential impacts to the organization and estimated financial losses. Estimated Financial Loss per Hour of Downtime - 6 5 4 Unable/ Difficult to calculate Less than $5,000 / Hour $5,000 - $10,000 / Hour $10,000 - $25,000 / Hour $25,000 - $50,000 / Hour $50,000 - $100,000 / Hour $100,000 - $500,000 / Hour $500,000 - $1,000,000 /Hour More than $1,000,000 / Hour 1 Hour 52. 6.2% 3.4% 5.6% 6.2% 11.3% 4. 4.5% 6.8% 8 Hours 50.9% 4. 2.3% 3.5% 5.2% 8.1% 10.4% 2.3% 13.3% 12 Hours 50.9% 3.6% 3. 0.6% 4.7% 8.9% 9.5% 4.7% 14.2% 48 Hours 49.4% 2.4% 1.8% 3.5% 1.2% 7.1% 9.4% 7.6% 17.6% 72+ Hours 48.8% 2.4% 1.8% 1.2% 1.2% 5.3% 4.7% 8.2% 26.5% Who is responsible for verifying these estimated financial losses per time frame? (Select all that apply.) Who Verifies Estimated Financial Losses per Time Frame Exceeds 10 due to Multiple Selections 35% 32.3% 32.8% 17.7% 21.4% 20.8% 17.7% 13. 5% Doesn't apply You Department leaders Division leaders C-Suite leader who supervises department for which BIA was performed BC Steering Committee C-Suite as an entity Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 46

For the estimated financial losses noted above, are they traced back to various insurance policies and coverages maintained by the company? Estimated Financial Losses Traced to Insurance Policies & Coverages 46.7% 53.3% Yes No If yes to the question above, are the estimated financial losses used to assist in placement of various insurance policies? Estimated Financial Losses Assist in Placement of Various Insurance Policies 33.3% 66.7% Yes No If yes to the above question, which policies are normally reviewed as part of this process? (Select all that apply.) Policies Reviewed with Estimated Financial Losses Exceeds 10 due to Multiple Selections 9 8 7 6 5 4 83.8% 46.5% 67.7% 55.6% 36.4% 58.6% 41.4% 32.3% 7.1% Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 47

Reasons for Planning Please rate the following primary reasons for developing & maintaining a program on a scale from 1-5 with 1 meaning LOW PRIORITY and 5 meaning HIGH PRIORITY. Primary Reasons for Developing & Maintaining a Program Enterprise Risk Management profile recommendations 7% 11% 29% 32% 21% Protection of reputation and brand of organization. 13% 57% Organization wants to protect and increase its economic value. 7% 17% 4 27% Organization wants to ensure safety of their employees. 31% 59% Organization wants to be perceived to be compliant with good Corporate Governance. 7% Organization wants to be globally competitive and must comply with international standards. 27% 23% Insurance policy recommendation 27% 13% 17% Contractual agreements/service-level agreements 7% 3% 23% 4 27% Customer requirement 7% 3% 27% Meet customer needs/expectations 3% 7% 7% 5 Right thing to do 3% 7% 14% 45% 31% Good business sense 3% 7% 13% 43% In response to audit results/recommendations 3% 23% 4 Comply with regulations or laws 27% 63% Protect stakeholders 3% 14% 21% 62% Minimize future impact 3% 7% 27% 63% History of business interruption(s) 7% 37% 13% 4 5 6 7 8 9 10 No importance Little importance Neutral Important Very Important Copyright 2017 BC Management, Inc. All rights reserved. SAMPLE REPORT BCM Benchmarking Page 48

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback