During the last 3 years the economies and companies operate in a crisis environment. Many observers even predict that our society is in some stage of the total collapse of the capitalistic system. This article won’t provide a solution for the global issues, but it describes how to establish a solid Business continuity framework that will navigate your organization in case of emergency. What elements and tools are vital for the solid and successful Business Continuity plan and how we can help organizations that have never had the resources or expertise to create one or perhaps it's out of date and you're not sure it contains the right information  

 

Element 1: Set up a solid BCM Programme Management structure

 

Programme management is at the centre of the BCM process and it establishes the approach to business continuity. The participation of top management is of key importance to ensuring that the BCM process is correctly introduced, adequately supported and established as part of the company’s culture. Programme management includes three steps:

  • Assigning  Roles and  Responsibilities  (Governance)

Business unit management is ultimately responsible for the continuity of the business under adverse circumstances and accountable to ensure appropriate processes are implemented in the business unit.

Business unit management must appoint a person with appropriate seniority and authority to be accountable for BCM policy and implementation.

Business unit management must appoint a team to implement and maintain a BCM programme.

  • Implementing Business Continuity in the organisation by  communication of the BCM programme to stakeholders, arrangement of appropriate training for staff and  exercising of the business continuity capability
  • On-going Management activities must ensure that business continuity is embedded in the organisation. Each component and process of the business unit’s capability must be regularly reviewed, tested and updated.

 

Element 2: Understand your organization

 

The aim of this phase is to establish an understanding of the business through the identification of its key products, services, critical activities and resources that support them. The key activities during this phase are: Business Continuity Risk Assessment; Business Impact Analysis and determination of continuity requirements.

 

Element 3: Determine BCM Strategy

 

As a result of the previous analysis, the business unit will be able to choose the appropriate continuity strategies to enable it to meet its recovery objectives. 

The following items must be included as part of the strategy:

  • Staff
  • Premises (alternative working arrangements)
  • Technology
  • Information
  • Suppliers
  • Stakeholders

You have to answer the following questions per critical process: how likely is it that a critical asset or process will fail and what are the consequences.  

 

Element 4: Develop and implement a BCM Response


This phase of the lifecycle is concerned with the development and implementation of appropriate plans and arrangements to ensure continuity of critical and other activities and the management of an incident. An Event/Incident/Crisis (E/I/C) response structure and plan must be documented and in place to enable an effective response and recovery from disruption. Such response plans include Business Continuity Plans, Technology Recovery Plans and Crisis Management Plans   

 

Element 5: Test, Maintain, Audit and Review BCM Arrangements

This phase ensures that the BCM arrangements are validated, that documentation is a reflection of the current business environment and that the plans are up to date. Key activities are:

  • Testing and exercising Business Continuity Plans including Call Trees and Crisis Management Plans
  • Maintenance of Business Continuity Plans (and all BCM documentation match current business requirements)
  • Review of, and adherence to BCM Policies & Standards

     

Element 6: Embed BCM in your organisation.

This phase focuses on the need for business continuity to become part of the regular management effort, regardless of the size or type of Business Unit. Development of a BCM culture is supported by:

  • Leadership from management at all levels;
  • Assignment of BCM responsibilities;
  • BCM Awareness raising;
  • BCM Skills training;
  • Exercising Business Continuity Plans and Crisis Management Plans;
  • Ensuring that Business Continuity requirements are included in strategic and investment decision-making.

Effective Business Continuity Management strives to:

  • Protect staff and shareholder interests
  • Continue operations/services and minimise impact of disruption
  • Adhere to Legal and Regulatory requirements
  • Maintain company’s reputation
  • Embed BCM in business activities

This is achieved through:

  • Identification and analysis of business continuity risks
  • Assessing the impact of the disruption of business critical processes
  • Formulating a BCM Strategy for the recovery of operations
  • Timely and effective crisis management

________________________________________________________________________________

We in the GlobalRisk Community have just literally scratched the surface of what you can achieve. We analyzed dozens of best practices, policies and procedures of both leading financial institutuions and corporates and we created the GRC Business Continuity toolkit. 

GRC Business Continuity Tool Box empowers you to plan for any crisis.

Included in the tool kit:

* A Business Impact Analysis questionnaire. 11 pages
* BCP template. 20 pages
* BCRA questionnaire. 6 pages
* BIA for corporates. 4 pages
* BIA procedures. 8 pages
* BC Risk analysis template. 2 pages
* Crisis management plan. 10 pages
* Sample vulnerabilities chart. A complete scoring methodology
* Technology recovery assessment. 5 pages
* Technology recovery plan. 13 pages
* BC glossary. 13 pages

 

Zero Risk - 100% Satisfaction Guarantee!

You have absolutely nothing to lose because this package comes with a full Money Back Guarantee.
If you don't like what you get and if you're not 100% satisfied, you can get every penny back. You've got a full 30-days to decide.
But this offer is limited, so CLICK the link below to get to the offer page.

GRC Business continuity toolkit

 

Meets compliance requirements SOX, ITIL, FFIEC, BS25999, ISO 17799/27001 and more

In case of any questions please contact me directly at borisagranovich@globalriskconsult.com. 

Many of our members have already bought the tool kit and we encourage them to share their feedback and recommendations on how to improve the tool kit further.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

Votes: 0
Email me when people reply –

Replies



  • Boris Agranovich said:

    Stephen, this is a very good remark.

     

    I think that the businesses first have to be able to restore some normality of operations. The analysis of the reasons of the disaster is indeed very important but comes only second. A disaster can stop a business in its tracks if it does not have a recovery plan in place. However, some companies especially SMEs are often forced to compromise business continuity and disaster recovery as they struggle with risng cost of businesses and shortage of human resources.

     

    You will never know when you will need them, but just like insurance, having Business Continuity Plan in place is one of you safest bet against a business disruption and crises. A recent example, the Japan earthquake has attested to how activation of the Business Continuity Plan became a vital factor in minimising losses in crises.

     

    Business Continuity Plan accounts for losses be it in terms of financial and non-financial, thus, its best interest is to protect its' organizations' people, processes and infrastructure in order for a continuity in its business operations.

     

    The GRC Business Continuity toolkit does not mean that you just have to copy and paste it to all companies and industries. In most cases you have to review and adjust it according to your circumstances.

    It also meets Compliance Requirements (SOX, ITIL, FFIEC, BS25999, ISO 17799/27001 and more)

     

    Erin, BCM  acronym means Business continuity management 

     Is this just for natural disasters, or human, and hybrid( japan, tsunami, fukushima plant, ill planned prep,coverup, wait too long to bring teams from U.S. cover-up with gov. radioactive snow months later etc.) wars, Syria/Iran blowout  in6 months, Charlie rose interview with Henry Kissinger aug 6th.  Or do the effects of a more isolated Iran create possibilities of  regime change? The Green movement happened a year before the ' arab Spring'  The U.S. had plenty of muscle in the area to 'Liberate' Iranians from theocratic old timers which the majority 30 and under don't like. If they get a bomb they will not use it.  Leverage comes through suasive power.  When they get a second bomb.  Then maybe good by Tel Aviv. 10 kilotons is all that is needed. so as not to harm too many palestinians Of course some martyrs goes good for PR.  Avoiding the false notion of a 'belive' in a need to bomb facilities, thereby causing Irans population to rally to the flag. And using covert, methods to sustain the Syrian situation to spread to Iran, thus avoiding Nuking all that area, Chernoble X100!  Prudence demands sober planning, and timely action. Ethics, morals, and economics are not enemies. Peace equalls good trade. The israelis are not going to let Iran nuke them. The president of  Iran said he would.  The living memory of the holocaust is real.  Nobody stopped the Nazis in the beginning. The Jewish people will not, and can not leave their safety to someone else no matter what promises they make.  They know the existance of Israel is hanging by a thread!   If you think this wont happen?  Read 'the guns of august' . or The peloponnesian  war by donald kagan. That's my two cents luckily human disasters are more like the weather than earthquakes! EAM

  • Stephen, this is a very good remark.

     

    I think that the businesses first have to be able to restore some normality of operations. The analysis of the reasons of the disaster is indeed very important but comes only second. A disaster can stop a business in its tracks if it does not have a recovery plan in place. However, some companies especially SMEs are often forced to compromise business continuity and disaster recovery as they struggle with risng cost of businesses and shortage of human resources.

     

    You will never know when you will need them, but just like insurance, having Business Continuity Plan in place is one of you safest bet against a business disruption and crises. A recent example, the Japan earthquake has attested to how activation of the Business Continuity Plan became a vital factor in minimising losses in crises.

     

    Business Continuity Plan accounts for losses be it in terms of financial and non-financial, thus, its best interest is to protect its' organizations' people, processes and infrastructure in order for a continuity in its business operations.

     

    The GRC Business Continuity toolkit does not mean that you just have to copy and paste it to all companies and industries. In most cases you have to review and adjust it according to your circumstances.

    It also meets Compliance Requirements (SOX, ITIL, FFIEC, BS25999, ISO 17799/27001 and more)

     

    Erin, BCM  acronym means Business continuity management 

     

  • Business Continuity Management.  As defined by the Business Continuity Institute www.thebci.org .

    erin o'connell said:

    What does BCM acronym mean?
  • What does BCM acronym mean?
  • I dont think there is a one size fits all solution to helping business bounce back after a disaster. First I think you need to understand what happened and why it was a disaster to them. This will provide key insights on the best course of assistance and show what needs to be done to prevent future disasters.

    While standard practice and procedural reviews like BCM do this, they may not be appropriate dependent on the size and needs of the company. Customized solutions are almost always more effecient and more effective, as long as an appropriate level of rigour to the review process is applied.

    In short there is no magic pill for disaster..or growth...but there are proven practices and needed procedural reviews that will always need to be implemented at a company, especially one that has had a disaster.
    Home | Applied Electronics
    Applied Electronics Inverters and Solar Solutions
This reply was deleted.

Introducing the Global Risk Series - Book 1 Risk Management How Tos

Dear GlobalRisk Community member, Our community’s mission is to foster business, networking and educational explorations among members. Learn from some of the top experts in the industry as they clearly explain how to approach the most important Risk management concepts. Check out their expert tips and use the link at the end of each article to navigate back to the website to leave your comment or ask a question.   Some of the topics include: How do you Explain Risk Appetite?  How to Prepare a…

Read more…
16 Replies · Reply by GlobalRiskCommunity Mar 21
Views: 1126

[Free COVID-19 Framework] What's the path to recovery look like?

We created a free presentation (attached), which discusses both global and organizational impacts of the COVID-19 pandemic, along with critical actions organizations should take immediately. This presentation introduces a framework that helps regions and organizations navigate a path to recovery via 9 potential scenarios. These scenarios capture outcomes related to GDP impact, public health response, and economic policies. The presentation also breaks down 6 immediate and critical actions…

Read more…
4 Replies · Reply by Steve Diaz Jul 8, 2023
Views: 243

If risk management is about decision making, are current risk management solutions irrelevant?

Now that the updated COSO and ISO risk management standards emphasize a connection to enterprise objectives and decision making, does this mean ERM and GRC solutions focused on risk registers and regulatory compliance are missing the true value of risk management?Will current risk management solutions evolve to integrate more decision support functionality or will standalone prescriptive analytics and other technology solutions take a more prominent role in enabling risk-informed…

Read more…
3 Replies
Views: 172

A question related to classification of instruments between trading and banking book.

We have an interesting question from one of our members.       "We usually perform OTC FX transactions with clients backed-to-back on the market (with Banks). Now we are going to perform a FX swap (i.e. Spot + forward) JPY/EUR for the Bank account for 1 week at the longest. The purpose is to get EUR place @ CB for LCR compliance purpose (no trading purposes). Bank's Management think that this should be considered as a trading position and therefore be classified within the Bank's trading book.…

Read more…
5 Replies · Reply by Prisha Singh Dec 26, 2023
Views: 380

Plunging oil prices: curse or blessing in disguise?

The recent sudden crash of oil prices has had a major impact on the world economy, leading to many troubled faces in the international arena. The Russians fear the effects of yet another powerful hit on their economy, Venezuela seems to be considering default and the Americans are weary of the consequences for its young and emerging shale oil industry. And then you have the Middle East, where the smallest match is enough to ignite the largest fire. But are these worries really justified or…

Read more…
1 Reply
Views: 112

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead