According to figures from Databarracks, the disaster recovery specialists, 46% of UK organisations believe their business continuity plan is not up to requirements.
The figure comes from an upcoming report by Databarracks, the Data Health Check survey, which was released to align with the start of Business Continuity Awareness Week (BCAW), the annual global initiative for the Business Continuity Institute (BSI), taking place from 13-17th May.
“It’s critical all businesses ensure they regularly update and test their business continuity plans,” said Peter Groucutt, managing director of Databarracks. “A three-year-old plan referring to long-retired employees and out-dated systems won’t be helpful to those who need to use it during a cyber-attack or if your power supply is disrupted during a storm.”
According to Groucutt, a good business continuity plan doesn’t have to expensive or difficult and he believes there are easy steps all businesses can take to improve their resilience.
Disaster Recovery as a Service: preparing for unavoidable events
He said: “Knowing what to do during an incident comes down to testing and practice. An easy action is to make testing part of your day-to-day operations and use known events to your advantage. As an example, some businesses test using the London tube strikes to practice invoking their business continuity plan. This enables them to go through the processes staff should undertake during an incident.
“Lessons can also be taken from specific industries, which are readily exposed to disruptions. As a necessity, they have plans and processes that are exercised constantly. Hospitality deals with disruptions on a regular basis, ranging from power outages, supplier failures, IT problems to even security or terrorism issues. The regularity of these disruptions means when an incident does happen, staff and the business know exactly what to do to continue serving.”
Who’s leading your business continuity plan?
There is often confusion over who is the responsibility for business continuity resides with. While some organisations have a dedicated business continuity manager, many just push responsibility down to IT.
However, according to Groucutt, your business continuity plan should be bigger than IT.
The anatomy of an outage how software performance problems are affecting the digital world
He said: “IT can recover servers and IT systems but responsibility for the survivability of the business ultimately sits with the board. It may not be someone’s entire role, but there needs to be someone named with responsibility for business continuity. They are the person who makes sure recovery processes are in place and stays on top of new risks and changes, to keep the organisation resilient.”
How to make a business continuity plan
Groucutt argued, if you don’t have a business continuity plan, you should start by conducting a business impact analysis (BIA) to determine and evaluate the potential effects of disruption to critical business operations. You need to decide what is important for your business, how you might be affected if something were to happen to your people, your premises, your IT or your suppliers. Then, you put in place the plans and workarounds, that keep you operational.
“IT outages: The actual cost and how to prevent it becoming a reality”
Groucutt concluded: “Sometimes organisations are put-off from ‘doing business continuity’ because it seems like a lot of time and resource that takes them away from more important (and pressing) needs, like driving sales and keeping customers happy. It can seem like a lot of ‘risk assessment’ and ‘impact analysis’ before you get a real benefit and that can cause action-paralysis. Actually, if you get all of the right people together even for a short time you can make some significant headway quite quickly and truly strengthen your business resilience.”
Nominations are OPEN for the Tech Leaders Awards, organised by Information Age and taking place on 12th September 2019 at the Royal Lancaster, London. Categories include CIO of the Year, CTO of the Year, Digital Leader of the Year and Security Leader of the Year. Recognise and reward excellence in the tech industry by submitting a nomination today