Why you need to review your business continuity plan now

/ IT Security Services
November 10th, 2016

IT strategy - Why you need to review your business continuity plan now

They’re not here yet, but plummeting temperatures and snow weather warnings will soon get you thinking about how the Winter conditions will impact your business. Maybe key staff are unable to commute, distribution channels could be disrupted or communication lines might go down. Simply put, sleet, snow and flooding will all wreak havoc on your operations and the only way to limit the disruption is to be well prepared.

Before the season’s stormy weather sets in, businesses should prepare themselves for the worst. We’re lucky in the UK that we rarely see major natural disasters (earthquakes, volcanoes, tsunamis) on account of us being away from active fault lines, but the weather can still cause significant problems. Every company, therefore, needs to have a business continuity plan in order to prevent future disruption. And today is the perfect time to review your plan and ensure that when the weather does change, you’re prepared.

Why should you review your business continuity plan?

A business continuity plan is designed to identify the potential impact crises could have on your business. It ensures relevant procedures are in place to limit these. However a plan is only as good as the information it contains and, as such, must be reviewed regularly to ensure that it is fulfilling its intended purpose. Technology evolves, people move on and new members of staff join the team, so your original plan won’t remain relevant forever.

There are different views on how often a business continuity plan should be tested. It will usually depend on the type of organisation, key personnel turnover and the number of business and IT changes which have occurred since the last test. Best practice states that you should review your plan at least once a year. In this review, you should bring together key personnel to analyse the plan. Prior to this review, you may also want to ask staff to provide feedback on the plan to incorporate into your review.  Whenever there are significant changes in personnel, equipment, operating software or recovery strategies you should review your plan.

Testing your business continuity plan

Some organisations will test their business continuity plan between two and four times per year. Common types of testing include:

  • Tabletop Exercises: usually involve the test team reviewing the plan in-depth. They will look for gaps and ensure that all business units are represented.
  • Structured Walk-Throughs: each member of the recovery team walks through their plan components to identify any weaknesses. Sometimes these tests may include role-play or drills. The team will usually have a specific type of disaster in mind for the walk-through.
  • Disaster Simulation Training: Usually an annual task as it is time-consuming. You create an environment which will simulate an actual disaster, with all equipment, supplies and personnel required. This is to see whether you would still be able to carry out critical tasks during the event.

Regular tests and reviews will identify any weaknesses, prepare your team and ensure effective procedures. As the old saying goes, fail to prepare, prepare to fail. The more frequently you plan, review and test for a possible crisis, the less likely there will be gaps. Meaning your business has a better chance of being able to continue or quickly resume, normal operations.

Click here to download your 3 essential templates for managing risk hbspt.cta.load(6067788, ‘a7e334e3-20ae-46e5-87ce-3f9dbc880a96’, {});