5 Simple Tips to Make Strong and Robust Business Continuity Plans

Advertise on CloudTweaks

Business Continuity Plans

Today’s organizations need comprehensive and robust business continuity planning for swift and effective action in case of a disaster or crisis. As the trade and supply chain have gone global, businesses today expect crisis response to be in seconds, not in hours, to ensure that the ripple impact is minimized. As organizations go digital, an IT failure can cripple the whole supply chain and business operations, causing extreme losses within hours and requiring countless hours to recover from the them. Plans to mitigate IT failures are also affected by the complexity of today’s IT infrastructure. As applications and systems are added based on business and market requirements, newer technologies and infrastructure pose new challenges.

Most businesses leverage cloud based platforms for their enterprise needs at least partially. The cloud helps businesses minimize costs and maximize efficiency; made for speed and convenience, it can scale up and down as needs demand and bring flexibility to business operations. However, the added overhead of managing cloud data centers, planning and performing test exercises across multiple locations and vendors as well as managing a crisis recovery, requires that organizations pay critical attention to their cloud solutions in combination with legacy infrastructure.

Today, an effective business continuity plan requires dynamic collection of information across the extended organization in a continuous manner. Organizations need to overcome the traditional fragmented approach to business continuity and formulate the business continuity strategy that adheres to the following five-point agenda:

1. Champion Business Continuity at the Highest Level

With senior management sponsorship, the business continuity plan will occupy its rightful position, high up in business priorities. This is important for sufficient budget, resourcing and training to be assigned to it. Senior leaders must set the tone at the top by insisting on robust crisis planning and regular reviews as a standard practice rather than a mere formality.

In August, Delta suffered a major IT outage that resulted in a $100 million loss in revenues for the airline. The impact was far-reaching, affecting check-in systems, flight information screens, the airline’s website and smartphone apps. The disruption to customers was extensive as well.

This is just one example of many; unfortunately, downtime of one type or another is a common situation in business. According to the Continuity Insights and KPMG, Global BCM 2016 report, 39 percent of global organizations have estimated the cost of business disruption to be $100,000 or less and 27 percent have estimated business disruptions ranging from $100,000 to $5 million or more in the last 12 months . This highlights the need for robust business continuity planning, championed at the highest level.

bcm-costs

Types of Instances and Interruptions in Past Year

bcm-types-of-risks

2. Review, Update and Test Regularly

The business continuity plan is a living document; it isn’t one to be created, filed and never looked at again. Risks evolve. Exercising the plans on a regularly scheduled basis will ensure businesses keep pace with the changing environment and understand what’s needed to protect critical infrastructure and preserve operations during a physical or virtual attack. Companies must learn from their own experience. Worryingly, according to Forrester and the Disaster Recovery Journal, 33 percent of businesses who had to invoke a business continuity plan, said one lesson learned from the experience was that the plan was out of date. Yet, 60 percent never carry out a full simulation of their business continuity plan for the entire organization; most walk through the plan as a document review.

It is of utmost importance that business continuity plans be reviewed by senior management and the planning team. Also, test results should be periodically evaluated and reported to the board, to assess the nature and scope of any changes to the organization’s business.

3. Include Partners, Suppliers and Third Parties

Companies don’t pay enough attention to the significant role of partners, suppliers and third parties in their business continuity. Deloitte found that over 94 percent of survey respondents had low to moderate confidence in the tools and technology used to manage third party risk and 88 percent felt the same about risk management processes. This, despite 87 percent having experienced disruption in the past three years that involved a third party.

Business continuity planning and disaster recovery has to be part of early third party discussions with responsibilities documented in service level agreements. Plans need to be aligned so that it is clear and easy to identify who does what, and where the handover points are when a plan is executed. The tools and systems used for collaboration must support transparency of information so that both parties are able to work from up to date information and take swift action in the event of a crisis.

4. Prioritize Ongoing Business Operations

The continuity plan should demonstrate that the business understands the priority level of its systems and that mitigating plans are in place to restore core operations as quickly as possible.

Cyber Crime DDoS

In the case of the Delta crisis, the outage was so extensive that it paralyzed business critical operations. The range of problems that can disrupt business – natural disasters, industrial action, cybercrime, IT failures, political or economic upheaval, suppliers ceasing to trade and so on – is so vast, and the systems and operations that can be impacted can be so wide that prioritization is a must.

A cloud-based option provides many benefits as an off-site back-up solution to ensure the efficacy of your continuity plan. However, as you develop your plan, ask yourself if a cloud-based option would increase the efficiency and cost-effectiveness of your plan and cover off essential considerations such as due diligence and service reliability with their provider. Another option is establishing a back-up plan that is independent of the cloud by leveraging personalized file backups, cross-device continuity solutions and communication software. The main aim is to get back faster and limit the amount of time that you’re spending without access to critical systems and information, by having a clearly defined continuity plan in place.

5. Define the Communications Plan Clearly

The business continuity plan has to be absolutely clear on how all stakeholders are going to be kept informed and how to enable upstream and downstream communication channels in times of crisis. Stakeholders include employees at all levels of the organization, such as suppliers, partners and customers.

The goal of the communications plan is to outline the channels and mechanisms for the sharing of information that will support efforts to resolve an issue at hand and limit the extent of its damage. How a company handles a crisis has an enormous impact on how they come out of the incident – people remember how the organization dealt and reacted to the issue and how convincing they were over the company’s efforts to make things right. For this reason, crisis management communications must be engaged at the earliest opportunity.

Service disruption is damaging to all businesses not only in terms of immediate revenue loss but also in the longer term brand and reputational impact. The business continuity plan is an essential, living document that aims to protect the ongoing sustainability of the business. Those that plan and execute well will see better performance in the long-run and be best-placed to weather the storms, whatever form they take.

By Vibhav Agarwal

Vibhav Agarwal

Vibhav Agarwal is the Director, Product Marketing at MetricStream.

Vibhav has 11+ years of progressive experience in Enterprise product marketing, sales management, ERP & CRM program planning and delivery, software vendor selection and implementation across Hi-Tech, Trading & Capital Markets and Internet domains. Worked extensively in various roles dealing with multinational conglomerates as well as mid-sized companies like Info Edge India, in deals ranging between 0.5-30 million USD. Exposure to all stages of product and IT applications, sales & marketing, product management, and enterprise implementations.

View Website

CONTRIBUTORS

Cryptographic Key Generation – It’s Time To Pay Attention

Cryptographic Key Generation – It’s Time To Pay Attention

Cryptographic Key Generation When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only ...
Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, ...
73% of Executives Are Researching & Launching IoT Projects

73% of Executives Are Researching & Launching IoT Projects

New IoT Projects Manufacturing-based IoT connections grew 84% between 2016 and 2017, followed by energy & utilities (41%). 73% of ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...
Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Private Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle ...
The Coming of Cloud Ended the AI Winter

The Coming of Cloud Ended the AI Winter

The Coming of Cloud Use Alexa, Siri, or Google Home? They are AI’s – Artifical Intelligences. Today, AI is in ...
5 Tips For Improving Enterprise Cloud Success In 2017

5 Tips For Improving Enterprise Cloud Success In 2017

Improving Enterprise Cloud There has been an increase in the adoption rate of cloud technology to help businesses keep capital ...
Benefits of Licensing Software as a Service In The Cloud

Benefits of Licensing Software as a Service In The Cloud

Software as a Service In The Cloud When Microsoft moved to a monthly cloud-based subscription package for its Windows 10 ...

NEWS

Treacherous 12: Top Threats to Cloud Computing + Industry Insights

Treacherous 12: Top Threats to Cloud Computing + Industry Insights

Top Threats to Cloud Computing SEATTLE, Oct. 20, 2017 /PRNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining ...
Cisco Unveils Industry's First Predictive Services Powered by AI

Cisco Unveils Industry’s First Predictive Services Powered by AI

New offerings designed to manage growing technical skills gap through unique expertise, intelligence and automation SAN JOSE, CA--(Marketwired - Oct ...
Toyota to test self-driving, talking cars by about 2020

Toyota to test self-driving, talking cars by about 2020

TOKYO (Reuters) - Toyota Motor Corp (7203.T) on Monday said it would begin testing self-driving electric cars around 2020, which ...

CloudTweaks CONTRIBUTOR PROGRAM

The CloudTweaks thought leadership profile building program is free to join but requires a commitment of atleast 3 articles over a 12-month period. Articles must be vendor-neutral in nature, related to connected cloud technologies and written by an executive level business representative to be considered.

You can also contact us to hear more about our on-demand content and lead generation programs for 2018