The Business Continuity Blueprint. A practical guide to. business continuity planning. PART 1 An Introduction

Similar documents
Risk Management Policy and Procedures.

Risk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY

Risk Management Framework

Procedure: Risk management

South Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

INTEGRATING RISK MANAGEMENT AND BUSINESS CONTINUITY

Perpetual s Risk Management Framework

Executive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B

Business Continuity Plan

Financial Risk. Operational Risk. Strategic Risk. Compliance Risk. Chapter 2 Risk management. What is risk?

The Bigger Picture. Personalised Investment Management

Insuring intangible assets: Is the insurance industry keeping pace with its customers changing requirements?

Cyber Risk Enlightenment through information risk management

University of the Sunshine Coast (USC) Risk Appetite Statement

CRISIS MANAGEMENT YOUR STEPS TOWARD RECOVERY

Recover or Fail? Business Continuity Planning for Broker Independence Group Brokers

RED ALERT EMERGENCY RESPONSE. emergency response. red alert. In critical situations you should know exactly where to put your fingers first.

REPUTATION RISK ON THE RISE

Lifestyle Financial Planning

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

Proactive and professional trustee services. The benefits of working with PS Independent Trustees

ENTERPRISE RISK MANAGEMENT POLICY FRAMEWORK

Risks and uncertainties facing the business

A GUIDE TO CYBER RISKS COVER

Goodman Group. Risk Management Policy. Risk Management Policy

Preparing a business continuity plan

Risk Management Policy

Insurance Contracts for 831(b) Enterprise Risk Captives Policies and Pooling Agreements

Construction projects: manage risk to achieve success

On Obtaining OSFI Approval

SMALL BUSINESS. Guide to Business. Continuity Planning. Ensure your business continues to operate in the event of a disruption.

Nagement. Revenue Scotland. Risk Management Framework

Bournemouth Primary MAT Risk Management Policy

Risk Management Strategy Highland Council Pension Fund

Arthur J. Gallagher - Education Practice

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Stena AB Group Tax Strategy 2017

WHOLESALE RISK INSIGHT FOCUSSING ON RISK ISSUES IN WHOLESALE, WAREHOUSING AND DISTRIBUTION. WHOLESALE Risk Insight

RISK MANAGEMENT FRAMEWORK

Risk Management Framework

Version: th November 2010 RISK MANAGEMENT POLICY

Formulating Your Business Continuity Plan. ds-inc.com (609)

Risk Management Policy and Framework

AT OUR PROPOSAL A CLOSER LOOK. Your guide to what we want to offer

Why your board should take a fresh look at risk oversight: a practical guide for getting started

Submission: A proposal for a strong and sustainable future for supported and sheltered housing

Why CISOs Should Embrace Their Cyber Insurer

Formulating Your Business Continuity Plan. ds-inc.com (609)

JFSC Risk Overview: Our approach to risk-based supervision

Risk Management Framework

Risk Management Strategy

Scouting Ireland Risk Management Framework

the discerning investor The Executive Bond offers you a high-powered portfolio that puts you in the driving seat.

Understanding investments. A quick and simple guide to investing.

V aluation. Concepts. Playing the wild card <> Company-specific risk affects many business appraisals. inside:

DEBTS AND DISPUTES. Understanding Debt. What to do?

Brexit for insurance. Mapping the road to Brexit

International Withholding Tax The Responsibilities of Issuers to Foreign Shareholders

Headline Verdana Bold Managing tax Balancing current challenge with future promise The EYE, Amsterdam, 30 November - 1 December 2016

Introduction. I hope you find it helpful. Do get in touch if you have any other questions, or want to give Vestd a try. Thanks,

Risk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic

THE BUSINESS OWNERS GUIDE TO WILLS AND LASTING POWERS OF ATTORNEY (LPAs)

FINCH GROUP INDEPENDENT INSURANCE BROKERS CORPORATE INTRODUCTION

Business Continuity Planning. A guide to loss prevention

Risk Management Policy

Competitive process for the selection of the Permanent Trustee

Nottinghamshire Pension Fund INVESTMENT STRATEGY STATEMENT. Introduction. Purpose and Principles. March 2017

ValueWalk Interview With Chris Abraham Of CVA Investment Management

Risk Management User Guide. Prepared By: Neville Turbit Version Feb /01/2009 Risk Management User Guide Page 1 of 36

Module 6. Trading discipline

Insolvency FAQs. inbrief. Inside

INTEGRATED RISK MANAGEMENT FRAMEWORK (STRATEGY AND POLICY)

Partnership and shareholder business protection

Women & Investing: Take Control of Your Wealth

Western Power Distribution: consumerled pension strategy

Wealth creation is achieved by steering you in the right direction, delivered through our expertise and trusted Management

Growing your business with affordable financing

Catastrophe Risk Engineering Solutions

RISK MANAGEMENT FRAMEWORK

POLICY RISK MANAGEMENT AND REPORTING. Introduction

Risk Management Policy and Strategy

Risk Management: Process and Culture in ESB

The Rt Hon Philip Hammond MP Chancellor of the Exchequer HM Treasury 1 Horse Guards Road London SW1A2HQ 5 December 2018

Risk Management Policy Adopted by:

Financial protection for you and your family

Step 2: Decide Who Might be Harmed and How. Step 3: Evaluate the Risks and Decide on Precautions. Step 4: Record Your Findings and Implement Them

7/25/2013. Presented by: Erike Young, MPPA, CSP, ARM. Chapter 2. Root Cause Analysis

Why arrange your insurance with Hiscox Private Client?

Delivering Clarity to Credit Unions Through Expertise and Experience

RISK MANAGEMENT FRAMEWORK

NEGOTIATION REVIEW. Negotiating Risk By Roger Greenfield. thegappartnership.com

Life and protection insurance explained

Driving corporate sustainability through risk management

An executive summary should include the purpose of having a BCP for your business and highlight the key points in your plan:

How well do you really understand cyber risk?

Supply Chain Risk Management. Willis Latin America Energy Conference October 10, 2012

The Central Bank of Ireland Risk Appetite: A Discussion Paper

2016 to Shared Legal Solutions 5-year Business Plan

Your guide to property and liability claims

Lloyd s City Risk Index

Transcription:

The Business Continuity Blueprint A practical guide to business continuity planning PART 1 An Introduction

CONTENTS FOREWORD A practical guide to Business Continuity Planning Part 1 - An Introduction It s like life assurance; whilst you hope never to use it, BCP assures shareholders and trustees, regulators, customers, suppliers and employees. It makes them happy to invest in you Business Continuity Planning speed read BCP in 60 seconds Why do you need a Business Continuity Plan? In the event of a disruption, having a plan in place can reduce the impact on your customers, suppliers, investors, reputation and ultimately, your revenue The relationship between BI Insurance and BCP Business Interruption (BI) insurance compensates organisations with long recovery times, underwriting their gross profit and increased cost of working. For many it represents essential risk management Driving business value with BCP Managers from key disciplines have strong and sometimes different interests in realising the value of BI and BCP Do you really need a BCP? Common-sense suggests that most chaotic situations do not run smoothly - unless you planned for them BCP Check List 10 steps to get started 1 3 5 7 9 11 Faced with catastrophe, it s tempting to think we are so familiar with our business that we could rebuild it without a plan difficult, but doable. Perhaps, but there are points to consider before you take this route. Faced with a burned-out office already trending on social media, how long before customers and competitors notice and start to act? You probably have a few hours to plan your response. Unable to operate, you start to lose revenue, the phone goes unanswered and suppliers terms harden. You have a crisis to manage - no time, no information, no resource and no tried and tested strategy with which to reassure stakeholders, who are now clamouring for information. You call a meeting and set a recovery deadline that aims for 50% of normal output inside a week. Is it enough? Can you deliver? Is that for all products and services, or would you want to prioritise? What then are the implications for recovering IT? Where will other key business functions go? What messages should the sales team pass to prospects? And what about seasonality, does that change things? And somehow, amidst all the questions, you have a business to run. Like them, it is not generally viewed as a bottom-line contributor, but has an important part to play. BCP equips you to answer the deluge of questions posed during a crisis - in relative comfort. It puts you in control, buys you time and builds confidence. There are various formal definitions available for BCP, however a working description might be A systematic process involving planning and preparation that ensures we can respond acceptably to any operational emergency affecting the business Like other management disciplines, BCP needs to be established as a continuous activity with a policy framework and approach, an owner, a budget and top management backing. From here and with a relatively light touch, you can go on to analyse the business and write a plan. BCP derives value from its satisfaction of risk governance criteria, ensuring that your exposure to continuity-threatening events aligns with stakeholders risk appetites. It s like life assurance; whilst you hope never to use it, BCP assures shareholders and trustees, regulators, prospective and live customers, suppliers and employees. It makes them happy to invest in you. Business Continuity Planning (BCP) is a management discipline that sits alongside others such as risk, compliance, information security and so on. John Robinson Managing Director, Inoni

/ SPEED READ / Business Continuity Planning (BCP) in 60 seconds Disruption is a fact of life and mostly, businesses deal with it. However, very occasionally, something happens that is so disruptive it demands all our attention. Time waits for no-one. If the situation can t be contained using standard procedures, we haemorrhage money, reputation and production at a rate we can t control. There is no time to think and it s too late to make provisions. You are unique and the causes of disruption are well-known, from building collapse to supplier failure, pandemic to cyber-attack. However, the effects these have on you are a total reflection of your business. There is no standard response. Your business is complex with many highly interconnected and synchronised components. Rebuilding it whilst continuing to operate near-normally is no straightforward task. Business Continuity Planning equips you to survive a major disruptive event. It encourages you to develop and test a practical plan for getting the organisation back on track before it suffers irreparable damage. 1 2

WHY DO YOU NEED A BUSINESS CONTINUITY PLAN? In the event of a disruption, having a plan in place can reduce the impact on your customers, suppliers, investors, reputation and ultimately, your revenue In the event of a disruption: 1. You avoid knee-jerk dead-end reaction 2. You have calculated recovery deadlines that avoid excessive spend or risk 3. You develop capability, so your people know what to do when called on 4. You build organisational resilience, balancing toughness and recoverability 5. Your plans can save lives, ensuring correct emergency procedures are followed 6. You enhance insurance value, balancing BCP against BI 7. You inspire customer confidence, knowing they can rely on you, no matter what 8. You have the confidence of your investors, knowing their money is in safe hands 9. You have the confidence of your suppliers, knowing their bills will be paid 10. Your plans can preserve brand value and company reputation 11. Your plans can ensure supply chain security and order fulfilment 3 4

THE RELATIONSHIP BETWEEN BI INSURANCE AND BCP WHAT IS BI INSURANCE? Business Interruption insurance (also known as Loss of Income or Consequential Loss) is arguably as important as your Buildings and Contents cover and is an essential part of your Business Continuity Plan. It is designed to cover losses you may experience if your business is affected by insurable perils such as damage by fire, flood or even the loss of utilities for a defined period of time. WHY DOES MY BUSINESS NEED BI? Organisations fail when they run out of cash. This can arise for many reasons, from market collapse to financial mismanagement, but also because of unplanned disruption. BI underwrites your gross profit, typically for a year or more. It buys you time to focus on rebuilding, keeping customers and restoring revenues. Business Interruption (BI) insurance compensates organisations with long recovery times, underwriting their gross profit and increased cost of working. For many it represents essential risk management HOW DOES BI SUPPORT MY BCP? The problem is that without a BCP, your response to catastrophe is purely reactive. You re in shock and even with funding and your best efforts, it may be too late for the business. Equally, if you don t have BI, you may run out of cash before your plans can be realised. The fact is, BI needs BCP and vice versa, each maximising the value of the other. 5 6

DRIVING BUSINESS VALUE WITH CONTINUITY PLANNING Managers from key disciplines have strong and sometimes different interests in realising the value of BI and BCP Risk and Insurance Insurance doesn t cover all aspects of Business Continuity risk, since it can t reasonably prevent brand or customer erosion if you respond inappropriately or too slowly. Because of this, many policies now expect you to have a tested BCP that documents your capability. Marketing and PR What you communicate in a major incident defines how you are judged by your customers, competitors, investors, suppliers and employees. Their confidence in your planned recovery can determine whether you will succeed, so what you say and do matters. BCP supports this. Finance Major disruption reduces income, starving the business of liquidity over a period of time, causing it to fail. Insurance policies oblige you to minimise insurable losses too. Business Continuity Planning focuses on this, establishing what must be done and by when to recover revenues before this point is reached. IT IT delivers vital services but how it does this is rarely understood by the business. In a major disruption, every department will tolerate loss of IT for a characteristic time before it becomes unbearable, and this shapes what IT must deliver and at what cost. BCP sets acceptable recovery times for IT services. HR In a major business incident protecting people is our number one priority, but somehow alongside this we must also prioritise the needs of the business and its customers. Business Continuity Planning coordinates emergency response with crisis management and business recovery. Procurement Organisations rely on their supply chain and inherit its risk. It helps to know which suppliers are business-critical and how your response to major disruption dovetails with theirs. Business Continuity Planning takes account of supply chain dependencies. Operations Rebuilding production following disruption can be complex and carried out under extreme pressure invites catastrophic error. Business Continuity Plans formalise the response to different sources of disruption, ensuring they are thought-through and viable. Governance Investors are more likely to entrust their money to an organisation who takes governance seriously, managing all exposures against their risk appetite. Every organisation faces extreme events and Business Continuity Planning helps mitigate this class of risk. Health, Safety and Environment Most regulatory bodies require their subject organisations to own and test Business Continuity Plans. Many formal standards also include risk and continuity management as part of their implementation framework and certification requirements. Facilities Many major incidents involve damage or destruction of infrastructure and having available alternatives underpins every other aspect of recovery. Consequently, facilities managers should have Business Continuity Planning as part of their remit. Sales and Customer Service People think twice before buying any product from a failing organisation. Business Continuity Planning delivers powerful messages to customers, reassuring them that they will never be left uncertain or under-supplied if the business suffers disruption. 7 8

DO YOU REALLY NEED A BUSINESS CONTINUITY Common-sense suggests that most chaotic situations do not run smoothly - unless you planned for them PLAN? We don t need one - we re prepared and will cope We have insurance to cover our losses In a catastrophe you have a finite time available in which to recover, using only what is to hand. If you miss the deadline, your organisation faces a potentially irrecoverable situation, haemorrhaging money and reputation beyond the point of no return. Planning buys time, prepares and co-ordinates resources in the best possible way. It allows forethought, refinement and practice, making the deadline more concrete, and it documents the steps to recovery. Insurance provides you with cash compensation. However, it won t reconstruct operations or hold onto your customers and reputation - you must do this yourself. You need to create belief in your ability to deliver before they turn to competitors and are potentially lost forever. Smaller firms may be able to do this reactively, but common-sense suggests that most chaotic situations do not run smoothly - unless you planned for them. We don t have the time nor money to develop a plan We already have a plan in place We get it. BCP is off the radar for many small firms. However, most are relatively uncomplicated so it isn t so hard to write a plan, and any investment of time, effort and money should be correspondingly small. Set this against the blood, sweat and tears invested in creating and nurturing your business, and why would you not take this last common-sense step to help protect what you built? If the business is multi-faceted with complex processes and supply chains, then recovering it following a disruption probably needs a BCP. Great work, you have a plan. But take a moment to reflect - it needs to be up-to-date, detailed and totally applicable in an emergency. If it fails on any of these points, the chances are at best it will be discarded and at worst it will mislead, potentially with catastrophic results. Also, if customers, shareholders, employees, suppliers and insurers believe you have a working plan but in fact you don t, you risk misleading them. This may result in a breach of trust and governance and potential legal consequences. 9 10

10 STEPS TO GET STARTED ON BUSINESS CONTINUITY 1. Get executive support 2. Learn about Business Continuity Management (BCM) 3. Understand your organisation from a BCM standpoint 4. Identify key interested parties, e.g. heads of departments How resilient is your business? find out in 10 minutes. Visit: www.kerrylondon.co.uk/bcp 5. Draft a Business Continuity Policy 6. Create a delivery framework and programme 7. Assess the risks and establish some scenarios 8. Analyse the impacts and set recovery deadlines 9. Draft and agree strategies 10. Develop plans and responses Part 2 of the Blueprint will look at each of these steps in more detail. To receive it first, sign up here. Inoni is a leading provider of business continuity, resilience and risk management solutions. We help our clients manage risk and systematically defend them against major disruption. Since 2004 we have delivered a comprehensive and innovative range of flexible services and expertise for organisations of all sizes and sectors. Inoni is also the name of our flexible software platform. It lets us create a bespoke automated solution that fits your business and saves you time, driving up reliability, consistency and productivity. Our approach differentiates us, ensuring every customer receives personalised treatment and support so they benefit from all we know. Above all we observe the highest standards of honesty, transparency, service, professionalism, value for money and quality in everything that we do. INONI Limited, 62 Waterloo Road, Wokingham, Berkshire RG40 2JL +44 (0) 1189 629 757 info@inoni.co.uk www.inoni.co.uk 11 12

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback