Business Continuity Planning
Business continuity planning is an integral part of doing business in the modern age. With the surge of terrorism, and with natural disasters that can strike at any time, business continuity is a must, and contingency planning needs to be put in place. It’s not a question of whether something may happen or not – it is about putting the right steps in place today, in anticipation of what might happen in the future. Contingency planning and disaster recovery are a cost of doing business today. One disaster overnight could cripple your life’s work.
Ask yourself: is your business prepared to recover from an unforeseen emergency or loss, such as a building collapse, data center loss, or power outage, that might prevent it from functioning as normal? You will find that most companies are not nearly as prepared as they should be. For the year ahead, ISO 23001 is a perfect guide for updating your organization’s Business Continuity Planning. There is no time to wait – when disaster hits, your expenses will inevitably increase, and revenue will decrease. Beyond the financial repercussions, there are reputational considerations as well.
Using ISO 23001 as a guide to update your business continuity planning
Using ISO 23001 as a guide to update your Business Continuity Planning provides an ideal framework to tackle any challenges that might occur. It specifies requirements for planning, establishing, implementing and continuously improving your documented management system. This helps mitigate any possibility of loss that may occur in a time of disaster. It’s critical that steps are implemented to prepare for, respond to and recover from a disaster of any kind. Your employees need to be adequately trained, and processes need to be crystal clear, so as to avoid any confusion. Time is mission critical during an emergency, and being prepared up front can buy you critical time on the back end.
I suggest using ISO 23001 to improve your BCM program in the following areas:
- Context of your Organization
- Improvement
- Leadership
- Normative References
- Operation
- Performance Evaluation
- Planning
- Scope
- Summary of Main Changes
- Support
- Terms and Definitions
Using ISO 23001 as a guide to update your business continuity planning: Requirements
In a risk assessment, it’s important to identify the most crucial factors that can affect your business entity. It’s paramount to understand exactly what your needs and requirements are, in addition to any obligations. To determine what steps need to be taken to establish, implement and maintain your BCMS, evaluate the big picture and measure exactly how effectively your organization is able to cope with disruptive incidents. How do you score your organization? What are the key metrics that drive that score? Is your overall measurement likely to be accurate enough to tell the full story? In other words, this is not the time to play any guessing games. Make sure your data calculates the full extent of any necessary capabilities.
In the planning process, be sure to measure the strategic objectives and guiding principles for effective performance and the implementation of the various required steps. Again, it’s important for the organization to make the business continuity objectives crystal clear and to accurately outline the projects that will deliver the necessary results. Teams must be able to execute the process once it is implemented. This is why exercising and testing are so important; they must use approved methods and framing, with an appropriate range of scenarios.
Performance metrics and evaluations will serve the organization well, helping to tell the full story after review. Remember, focusing on continuous improvement allows corrective actions to be put in place in addition to preventive ones.
Subject Matter Expert in Cyber Security, Business Continuity and Disaster Recovery