Business continuityPlaning

8/10/2019 Business continuityPlaning

1/5

Business continuity encompasses a loosely-defined set of planning, preparatory and related

activities which are intended to ensure that an organization's critical business functions will

either continue to operate despite serious incidents or disasters that might otherwise have

interrupted them, or will be recovered to an operational state within a reasonably short period. As

such, business continuity includes three key elements:

.Resilience: critical business functions and the supporting infrastructure are designed and

engineered in such a way that they are materially unaffected by most disruptions, for e!ample

through the use of redundancy and spare capacity"

2. Recovery: arrangements are made to recover or restore critical and less critical business

functions that fail for some reason.

#. Contingency: the organization establishes a generalized capability and readiness to cope

effectively with whatever ma$or incidents and disasters occur, including those that were not, and

perhaps could not, have been foreseen. %ontingency preparations constitute a last-resort response

if resilience and recovery arrangements should prove inade&uate in practice.

f there is no Business %ontinuity plan implemented and the organization in &uestion is facing a

rather severe threat or disruption that may lead to bankruptcy, the implementation and outcome,

if not too late, may strengthen the organization's survival and its continuity of business activities.

(he management of business continuity falls largely within the sphere of risk management, with

some cross-over into related fields such as governance, information security and compliance.

)isk is a core consideration since business continuity is primarily concerned with those business

functions, operations, supplies, systems, relationships etc. that are critically important to achieve

the organization's operational ob$ectives. Business mpact Analysis is the generally accepted risk

management term for the process of determining the relative importance or criticality of those

elements, and in turn drives the priorities, planning, preparations and other business continuity

management activities.

(he foundation of business continuity are the standards, program development, and supporting

policies" guidelines, and procedures needed to ensure a firm to continue without stoppage,

irrespective of the adverse circumstances or events. All system design, implementation, support,

and maintenance must be based on this foundation in order to have any hope of achievingbusiness continuity,disaster recovery,or in some cases, system support.
http://en.wikipedia.org/wiki/Disaster_recoveryhttp://en.wikipedia.org/wiki/Disaster_recoveryhttp://en.wikipedia.org/wiki/Disaster_recoveryhttp://en.wikipedia.org/wiki/Disaster_recovery


2/5

Model Approach:

Business %ontinuity *anagement can be a comple! process. (his has been recognised by the

Business %ontinuity nstitute who have established a + - point model for developing effective

business continuity management strategies:

Project Initiation and Management

(o establish the need for a business continuity plan B%, including obtaining

management support and organizing and managing the pro$ect to completion, withinagreed time and budget limits.


3/5

RiskEvaluation and Control

(o determine the events and environmental surroundings that can adversely affect theorganization and its facilities with disruption as well as disaster, the damage such events

can cause, and the controls needed to prevent or minimize the effects of potential loss.

rovide cost-benefit analysis to $ustify investment in controls to mitigate risk.

usiness Impact Analysis

(o identify the impacts resulting from disruptions and disaster scenarios that can effect

the organization and techni&ues that can be used to &uantify and &ualify such impacts./stablish critical functions, their recovery priorities, and inter-dependencies so that

recovery time ob$ectives can be set.

!eveloping usiness Continuity "trategies

(o determine and guide the selection of alternative business recovery operating strategiesfor recovery of business functions and ( within the recovery time ob$ectives, while

maintaining the organization0s critical functions.

Emergency Response and #perations

1evelop and implement procedures for responding to and stabilizing the situation

following an incident or event, including establishing and managing an /mergency2perations %entre, to be used as a command center during the emergency.

!eveloping and Implementing usiness Continuity Plans

(o design, develop and implement the B% that provides recovery within the recovery

time ob$ective.

A$areness and %raining Programs

(o prepare a program to create corporate awareness and enhance the skills re&uired todevelop, implement, maintain and e!ecute the B%.

Maintaining and E&ercising usiness Continuity Plans

(o pre-plan and co-ordinate plan e!ercises, and evaluate and document plan e!ercise

results. 1evelop processes to maintain the currency of continuity capabilities and the plandocument in accordance with the organization0s strategic direction. 3erify that the plan

will prove effective by comparison with a suitable standard, and report results in a clear

and concise manner.

Pu'lic Relations and Crisis Co(ordination

(o develop, co-ordinate, evaluate and e!ercise plans to handle the media during crisissituations. (o develop, co-ordinate, evaluate and e!ercise plans to communicate with and,as appropriate, provide trauma counseling for employees and their families, key

customers, critical suppliers, owners4stockholders and corporate management during

crisis. /nsure all stakeholders are kept informed on an as-needed basis.

Co(ordination $ith Pu'lic Authorities

(o establish applicable procedures and policies, for coordinating continuity and


4/5

restoration activities with local authorities while ensuring compliance with applicable

statutes or regulations.

B%* is also a key topic when talking about the concept of organisational resilience,

where an organisation is able to effectively handle changes, challenges and stress. An

important element of B%* is developing effective Business %ontinuity lans B%s toenable organisations to continue key operations during and after a disruption. B%* can

include the following elements:

5prevention and mitigation

5crisis4incident management

5emergency planning and management

5business continuity planning.

6hat are the benefits of a Business %ontinuity *anagement program7

1eveloping and maintaining business continuity plans are re&uirements for governmentagencies. Beyond compliance, effective B%* can:

5 *inimize legal liability : 2rganizations are e!pected to act reasonably in the

event of disasters. )eviews, in&uiries and in&uests can shine the spotlight onorganizations which do not manage disasters effectively and can result in significant

damage to the organization and persons involved.

5 rotect or enhance reputation oor responses to crises and emergencies can

destroy or impair reputations. 2n the other hand, an organization that respondseffectively can improve its reputation.

5 8elp achieve the organization0s ob$ectives and goals.A &uick return to operations

and services can ensure goals are reached and compliance is upheld.

5 %ontributes to organizational resilience

(he B%* process and framework can help embed a strong risk-aware and continuous-improvement culture. t can give the organization the fle!ibility to adapt to adverse

circumstances. 9ome characteristics of resilience might include: - preparing and training

staff for minor and ma$or business disruptions - enhancing coordination and governanceduring a disruption - reducing the cost of operating during a disruption, freeing up

resources to focus on opportunities - protecting public value through the continuation of

key services.


5/5

)hat is usiness Continuity Planning *CP+,

A proactive process that identifies and prioritizes the critical

functions and the likely threats to those functions. rom this information, plans and

procedures are developed through a regular program of personnel training, plan testing,and maintenance. (hese management disciplines, processes, and techni&ues provide

business continuity for critical business functions under the circumstances and limits set

by senior management.

(hese circumstances and limits include:

1efining worst-case scenarios used for business continuity planning.

Approving the funding and staffing of the company's B% rogram.

)hy "hould $e do usiness Continuity Planning *CP+,

ts done:t is the right thing to do for our patients, staff, and communities

t ensures compliance with our ever increasing regulatory re&uirements

t enhances our ability to avoid:

o nterruptions to patient care delivery

o inancial losses

o )egulatory fines

o 1amage to e&uipment

Phases o- Continuity Planning:

s

Documents

Business continuityPlaning