How to overcome business continuity intricacies

The key role of any board and senior management team in an organisation is to ensure the improvement of shareholders wealth or value by communally guiding its affairs.

Of paramount importance is meeting the interests of its stakeholders which include business continuity considerations among others.

Anticipating business continuity strategies capable of restoring business to its feet after a disruption remains a top priority.

Philippe Kruchten once said that “If it is not written down, it does not exist.” As such, the board and senior management team have to make sure that business continuity management is documented and made aware of internal and external stakeholders.

Such plans provide the organisation with coordinated ability to effectively respond to threats that would undermine the provision of services to customers.

Threats include natural adversities, data and network infrastructural breaches among others.

Business continuity management (BCM) includes disaster recovery, business recovery, crisis management, incident management, emergency management, and contingency planning.

Security skills

A chief executive officer on behalf of the board of directors should ensure that the organisation possesses a robust set of internal capabilities to give assurance that hazards that would bring interruption are identified comprehensively, risks are evaluated periodically and control measures are in sync with such evaluations.

Competences around operational threats involving people, information systems and natural calamities should be upgraded continually to position the organisation on an upward trajectory in mastering the art and the science of BCM.

Business impact analysis for each vulnerability should be undertaken as frequent as the operating environment changes.

Cloud Computing

It has become a new norm to have most of the services hosted externally by service providers such as Amazon, Microsoft Azure, and Google.

The above presents a chance to make huge savings on capital expenditure and flexible exit clauses, and just as there are two sides to a coin, there is a second side to this practice.

In the event a cloud service provider experiences a major interruption; it could lead to a single point of failure that brings down access to critical services.

If resources allow, procure both a primary and a secondary cloud platform especially for critical services.

Segregation of duties in business continuity

Segregation of duties  is the building block of sustainable risk management and internal controls meant to create a maker and a checker for business transactions and activities.

It is advisable that the team that designs a business continuity management framework is not the one that tests the effectiveness of the same.; rather create an independent vehicle internally or externally to provide the assurance to the Board.

Although some of us might be ignorant on matters technology, it’s prudent to have a basic understanding of key questions to ask as proof that an organisation’s level of preparedness is above board. Walk an extra mile to challenge BCM reports.

Vigilance

Other key areas of focus in BCM are potential disruptions presented by politics, inadequate succession planning and terrorism just to mention but a few.

Remember, “Without continuity, businesses would become like flies in summer

 

-The writer is a leadership and risk management expert