Skip to main content

A New Year’s Resolution For 2017 - Achieve Better Business Continuity

The threat landscape is changing and management teams must now consider a wider range of scenarios to ensure that their business can effectively respond and continue priority activities when faced with unexpected events. The risks associated with cyber security, technological changes, severe weather events and increasing supply chain dependencies need to be considered alongside the traditional “what ifs” such as unexpected unavailability of premises, IT or people.


Ideally senior managers should be regularly exposed to scenarios that take them out of their comfort zone and allow them to think through what should be done to protect their business, whatever challenges are faced. This allows actions, priorities, decisions and responsibilities to be determined before an event occurs, rather than leaving it to chance.



Why not include an item on the agenda of your monthly management meetings to consider a relevant threat scenario and how to respond should this come to pass? By doing this, you will identify mitigation and contingency actions that would help protect your business in these uncertain times. Rather than starting with a blank sheet of paper, refer to the following top 12 threats* and tips** – address one threat each month and apply the relevant tips. 


January - Cyber attack

Develop a business continuity aim that clearly outlines what is most important to your business and needs to be protected through effective planning

February - Data breach

Define and track the implementation of all necessary pre-incident actions to ensure that your
business continuity aim will be satisfied in the event of a worst-case scenario


March - Unplanned IT and telecom outages

Assume that the worst can happen, however low the likelihood (within reason) and allocate
required recovery times to each of your critical activities, assuming event happens at worst
possible time


April - Act of Terrorism

Produce an IT Statement of Recovery that clearly shows achievable recovery times and 
capabilities for IT services in the event of worst case scenarios


May - Security incident

Develop workarounds and contingencies that would allow critical activities to continue in the 
event of an unexpected IT disruption (based on known exposure)


June - Interruption to utility supply

Have severe weather contingency plans in place that start at the point of bad weather being 
forecast – do not put your staff in harm’s way


July - Supply chain disruption

Ensure critical activities can be undertaken remotely and/or arrangements are in place to 
maintain minimum manning at your premises


August - Adverse weather

Document checklists/information in a business continuity plan, assuming sufficient personnel available to manage the response and recovery but with some key individuals unavailable

September - Availability of talents / key skills

Ensure processes, responsibilities and capabilities are in place to allow prompt and 
effective internal and external communications in the event of an incident

October - Health & safety incident

 Ask your key suppliers to confirm in writing the maximum level of service disruption that 
you could be exposed to if they are impacted by a worst-case scenario

November - Fire

Take appropriate action to increase the resilience of your premises and reduce the likelihood
of an incident becoming a crisis (e.g. establish multiple access routes, invest in emergency 
power plug in points, set up diverse network communications routes, install flood guards 
etc.)


December - Transport network disruption

Taking account of your plans and strategies, understand the level of disruption that you are 
exposed to and ensure this is signed off by senior management and transferred via
insurance

*Top 12 Threats, as defined within the 2016 Horizon Scan Report from the Business Continuity Institute (www.thebci.org)



**Top 12 Tips, as suggested by David Teed of Teed Business Continuity (www.teed.co.uk


Wouldn’t it be good to be in the position where, by the end of 2017, you know that your organisation has considered its top threats and taken all appropriate actions to protect your business, finances, market share and reputation? 

Good luck and don’t forget that we are always on hand should you need an independent facilitator to introduce incident scenarios during monthly management team meetings or desktop exercises. 

Please contact us should you wish to discuss further: https://www.icbgroupuk.com/contact-us