Important: The Scope Of A Business Continuity Plan

by | Nov 30, 2016

You’ve worked hard to build up your business, and it’s growing. The future looks bright. Then you get the news every small business owner or manager dreads – there’s been a fire, or a flood, or perhaps a tornado, or even an earthquake. Whatever the reason, your place of business has been rendered unusable, and for the moment at least, your entire operation has come to a halt.

So, what do you do now? What steps will you take in the next few minutes and hours to get your company back to work as soon as possible?

If you can’t answer that question immediately and in precise detail, your business is at great risk. Disasters, both natural and man-made, can strike at any time, and often do so with very little warning. The consequences of not being prepared can be devastating. According the Federal Emergency Management Agency almost 40 percent of small businesses affected by a disaster never reopen their doors.

How can you ensure that your company won’t be part of that statistic? The answer is to have a well thought out business continuity plan.

What Is a Business Continuity Plan (BCP)?

A BCP lays out the steps and procedures a company will follow before, during, and in the wake of a disaster so that it can maintain maximum functionality during the emergency, and get its operations back to normal in the shortest possible time. With a good BCP in place, your company’s employees will know exactly what to do when disaster strikes.

The Scope Of A Business Continuity Plan

What should be in your BCP so that you can be sure that all relevant items have been covered? Here are seven areas any good business continuity plan should address.

1. Identify Critical Business Functions

The first step in formulating a good BCP is to conduct a business impact analysis (BIA) to identify the crucial areas of your business that must be maintained or quickly restored when a disaster strikes. It’s these core business functions that your BCP will be designed to protect.

2. Identify critical systems and the dependencies between them

Your BCP should identify the systems and data that are most critical for the continued operation of the company. What equipment, supplies, and records (both digital and paper) must be available and operational in order for your company to continue to function?

3. Identify Your Risks

What are the most likely disruptive events that might impact your company’s operations? Tornadoes, hurricanes, wild fires, earthquakes? Obviously, it’s not possible to predict what the next disaster to strike your area might be, but you can and should specifically plan for the ones you can anticipate.

4. Specify Your Data Backup and Recovery Plan

Your BCP should specify data backup and recovery procedures. How frequently will backups be conducted, and by whom? Where will the data be stored, and how will it be geographically replicated so that no local disaster can result in a permanent loss? How will it be recovered? These questions should be addressed both for electronic and critical paper records.

5. Identify the Composition, Functions, and Procedures of Your BC Team

Who can declare an emergency that brings the BCP into operation? Who are key employees who should be notified (and how), and who will be in charge? Where will BC team members and other employees meet if the company premises are not usable? These questions and more should be addressed in detail in the BCP.

6. Have a Detailed Communications Plan

How will the BC team be notified of an emergency if, for example, telephone service is disrupted? Who is authorized to speak on the company’s behalf to media, customers, suppliers, and external partners such as government agencies? The plan should include a list of people and agencies that will be contacted when an emergency is declared.

7. Specify BCP Testing, Refreshing, and Training Procedures

A BCP that looks good on paper may be totally unworkable in practice. It must be realistically tested before it is put into operation, and key employees trained in its use. It must then be updated on a regular basis. With changing conditions, technology, organizational structures, and personnel, the plan can quickly become outdated and unusable. Procedures for training, and for both testing and refreshing the plan should be included in the BCP itself.

As the Department of Homeland Security notes, “A business continuity plan to continue business is essential.” Getting the scope of your business continuity plan right is crucial to the survivability of your business if disaster should strike. Developing and maintaining a good BCP can seem like a daunting task. But if you’re ready to take the challenge of safeguarding your business from disaster, Invenio IT is here to help. Please contact us.

New call-to-action

Dale Shulmistra is a Business Continuity Specialist at Invenio IT, responsible for shaping the company’s technology initiatives -- selecting, designing, implementing & supporting business continuity solutions to bolster client operational efficiencies and eliminate downtime.