Contact Us

Business Continuity Planning – Are You Covering Your Bases?

Business Continuity Planning – Are You Covering Your Bases?

This is not a Drill

With the COVID-19 global pandemic now in full effect, the execution of Business Continuity Plans (BCP) have taken the forefront in the past few months.

Organizations are having to rely heavily on the effectiveness of their BCPs. For companies, business continuity plans are like the insurance you hope to never claim, yet it’s importance can never be overstated. The truth is, even with the best run drills and rehearsals, nothing can really prepare us for the real thing. The chaos and panic induced by the need to activate BCPs can sometimes distract us from initiating an effective plan.

There are some essential elements that must be completed to ensure reasonable assurance of your BCP effectiveness, these include the following:

  • Risk Assessment - involves the process of identifying the potential risks to the organization, assessing the critical functions necessary for the organization to continue business operations, defining controls in place to reduce exposure and evaluating the cost of such controls.

  • Business Impact Assessment - must be performed to assess the overall financial exposures and operational effects resulting from a disruption in business activities. The BIA should identify and help to prioritize the critical business processes supported by the IS infrastructure including, but not limited to, a cost-benefit analysis of controls in different disruption scenarios.

There are other factors contributing to the overall effectiveness of a Business Continuity Plan and as such a BCP must:

  • Be understandable, easy to use and maintain.

  • Identify critical information resources related to core business processes.

  • Assess each business process to determine its criticality. Indications of criticality include:

  1. The process supports lives or people’s health and safety.

  2. The process is required to meet legal or statutory requirements.

  3. Disruption of the process would affect revenue.

  4. There is a potential impact to business reputation, including that of the customers.

  • Validate recovery time objectives (RTOs) and recovery point objectives (RPOs) for various systems and their conformance to business objectives.

  • Identify the conditions that activate the contingency plan.

  • Identify which resources will be available in the contingency stage and the order in which they will be recovered.

  • Identify the enablers (people and resources) required for recovery.

  • Select project teams in accordance with technological and business environments to provide reasonable representation of core and critical functional areas to develop the plan.

  • Identify the methods of communication between enablers, support staff and employees.

  • Identify geographical conditions related to the recovery of operations.

  • Define recovery requirements from the perspective of business functions.

  • Develop a comprehensive BCP test approach that includes management, operational and technical testing.

  • Identify mechanisms and decision makers for changing recovery priorities resulting from additional or reduced resources as compared to the original plan.

The aforementioned factors being covered within your business continuity plan are no indication of how effective execution will be, however it does provide a solid basis for BCP development.

So are we covered?

With all the focus on cybersecurity, it is ironic that an influenza virus is the threat that is causing such adverse impact on people and businesses worldwide. I mean, how do you firewall the flu? For now, the world will travel to work digitally via video/audio conferencing or Virtual Private Network (VPN). As a result, the demand and dependence on IT infrastructure across the globe has increased significantly over the past few weeks.

Meanwhile, the benefits of cloud computing are even more evident considering recent events. With two of its main features being availability and scalability, businesses can now place critical processes in cloud environments, while improving BCP effectiveness. Whichever BCP strategy is adopted by your organization, it is pertinent to ensure that the strategy being employed is best suited for the business and it's operating environment.

The Crucial Role of IT Audit and Assurance Assessments in Modern Organizations

Transformation, Assurance & Compliance......

In an era where IT is at the core of virtually every organizational function, the significance of IT audit and assurance assessments cannot be underestimated. These assessments provide a structured approach to safeguarding data, managing risks, ensuring compliance, and optimizing IT operations.

Digital Transformation: The Importance of Getting and Maintaining Buy-In

Transformation, Assurance & Compliance......

Digital transformation is a buzzword that's been echoing through the corridors of businesses worldwide.

Why your staff is Not Listening!

Transformation, Assurance & Compliance......

It may be argued by many CEOs that we are in a new digital era where all business operations must be transformed through technology to radically increase revenues and the efficiency of value delivery.

Modus Operandi - Risky Business

Transformation, Assurance & Compliance......

The Modus Operandi Article Series was developed to discuss specific modes of operating that will impact various aspects of a business, whether negatively or positively.

What's missing from your compliance process?

Transformation, Assurance & Compliance......

Cloud migration is the process of moving data, applications, and other business operations to a cloud-based environment.

The Future of Money Is Digital

Transformation, Assurance & Compliance......

What Is Digital Currency, and How Can It Benefit Businesses?

More Resources

How can we help you?