Business Continuity Planning (BCP) & Health Checks
What is it?
All businesses face threats. While few will ever have to deal with the potentially catastrophic impact of natural disasters and terrorist attacks (covered under Disaster Recovery Planning), every business does face the very real threat of software or hardware failure, sometimes as the result of deliberate and malicious attacks.
Such incidents could at best disrupt everyday business function and at worst could bring an organisation to a complete standstill.
A vital aspect of the whole Business Continuity Management (BCM) strategy, Business Continuity Planning (BCP) describes a considered strategic plan which details the specific processes and procedures that need to be put in place in the event of an unforeseen isolated incident. The purpose of the BCP is to protect a business’s critical functions and enable it to continue or re-start with minimal disruption.
BCP focuses on the management of an incident and its aftermath. It is the formulation of a plan that will be activated by IT professionals and business managers in the event of a major failing of any or all of an organisation’s systems. The general definition of this would be the loss of services, software, hardware failure, communications and/or the unavailability of critical personnel.
A BCP will utlise the intelligence gleaned from a Business Impact Assessment (BIA) and will include a Disaster Recovery Plan (DRP) which is the area of business continuity that deals with technology recovery in the event of a natural or manmade disaster.
Why implement a BCP?
As part of an organisation’s plan to grow and succeed, the ability to maintain the availability and integrity of its business in the event of a system interruption is fundamental to its continued success.
All businesses need to have a BCP in place which includes a detailed impact analysis, threat and risk analysis, impact scenarios and recovery requirements. Not only will this ensure that recovery time is minimal, but it also provides valuable reassurance to prospective customers and business partners by demonstrating a strong commitment to ensuring a safe and secure business environment.
What to do next
The first step is to determine the current Business Continuity Management status level, by identifying what measures are already in place and what is still required. This will be the basis upon which to develop a corrective action plan.
SRM can provide support and assistance at a variety of levels, based on the requirements of ISO22301. From providing a checklist that represents a baseline set of measures, to which all organisations should comply, through strategic risk assessment workshops, ultimately driving and managing the whole BCP process on behalf of a client.
There are a number of variables but many organisations will require an enhanced security management system which SRM has the experience and expertise to develop in conjunction with the organisation’s key personnel.
Thanks, we've received your details.
We'll be in touch shortly to discuss your requirements. In the meantime, please download your exclusive free copy of SRM's Guide to Cyber Essentials below.
Download your free copy