Why you need to review your business continuity plan now
November 10th, 2016
They’re not here yet, but plummeting temperatures and snow weather warnings will soon get you thinking about how the Winter conditions will impact your business. Maybe key staff are unable to commute, distribution channels could be disrupted or communication lines might go down. Simply put, sleet, snow and flooding will all wreak havoc on your operations and the only way to limit the disruption is to be well prepared.
Before the season’s stormy weather sets in, businesses should prepare themselves for the worst. We’re lucky in the UK that we rarely see major natural disasters (earthquakes, volcanoes, tsunamis) on account of us being away from active fault lines, but the weather can still cause significant problems. Every company, therefore, needs to have a business continuity plan in order to prevent future disruption. And today is the perfect time to review your plan and ensure that when the weather does change, you’re prepared.
Why should you review your business continuity plan?
A business continuity plan is designed to identify the potential impact crises could have on your business. It ensures relevant procedures are in place to limit these. However a plan is only as good as the information it contains and, as such, must be reviewed regularly to ensure that it is fulfilling its intended purpose. Technology evolves, people move on and new members of staff join the team, so your original plan won’t remain relevant forever.
There are different views on how often a business continuity plan should be tested. It will usually depend on the type of organisation, key personnel turnover and the number of business and IT changes which have occurred since the last test. Best practice states that you should review your plan at least once a year. In this review, you should bring together key personnel to analyse the plan. Prior to this review, you may also want to ask staff to provide feedback on the plan to incorporate into your review. Whenever there are significant changes in personnel, equipment, operating software or recovery strategies you should review your plan.
Testing your business continuity plan
Some organisations will test their business continuity plan between two and four times per year. Common types of testing include:
- Tabletop Exercises: usually involve the test team reviewing the plan in-depth. They will look for gaps and ensure that all business units are represented.
- Structured Walk-Throughs: each member of the recovery team walks through their plan components to identify any weaknesses. Sometimes these tests may include role-play or drills. The team will usually have a specific type of disaster in mind for the walk-through.
- Disaster Simulation Training: Usually an annual task as it is time-consuming. You create an environment which will simulate an actual disaster, with all equipment, supplies and personnel required. This is to see whether you would still be able to carry out critical tasks during the event.
Regular tests and reviews will identify any weaknesses, prepare your team and ensure effective procedures. As the old saying goes, fail to prepare, prepare to fail. The more frequently you plan, review and test for a possible crisis, the less likely there will be gaps. Meaning your business has a better chance of being able to continue or quickly resume, normal operations.
QuoStar named as one of the UK’s most ambitious businesses
IT support and consultancy firm QuoStar have received an award for ambition. The firm, whose operational headquarters are in Bournemouth, has been named as one of the UK’s most ambitious companies in the southern region. This award is unique because no company could put themselves forward or receive a nomination. Instead, more than 5000 companies […]
Why MFA is no longer enough
It’s time to let go of the view that multi-factor authentication (MFA) provides enough security. Hackers have the means to steal passwords, hijack users’ sign-in sessions and bypass the authentication process entirely, even when MFA is enabled. Adversary-in-the-middle (AiTM) attacks may be nothing new, but the ability of criminals to bypass MFA is. What’s new? […]
QuoStar achieves ISO 20000 certification
QuoStar Solutions, the IT consultancy and outsourcing provider, has today announced that it has been awarded ISO 20000 certification. The international standard recognises the highest level of service quality for clients and facilitates continual improvement; both of which align with QuoStar’s business strategy and ethos. Based on ITIL (IT Service Information Library), ISO 20000 was given […]