What is Business Continuity?

Business COntinuity Plan Illustration

Before completely rewriting your Business Continuity Plan, it helps to understand the fundamentals of business continuity. I put together the following FAQ to give you a better understanding of the underlying information and provide a little more context, and hopefully answer some of your lingering questions.

Business Continuity FAQ

What is a Business Continuity Plan?

A “Business Continuity Plan” (BCP) is a documented plan that outlines the potential impact of a crisis and sets in place policies designed to help the organization recover. While disaster almost never gives us enough forewarning, a Business Continuity Plan is best created before a crisis and should always include the company’s key stakeholders. The primary goal of a BCP is to shield workers and assets for the duration of an emergency.

This involves: assessing the likelihood of a particular crisis occurring – and its possible frequency determining its possible impact on your operations This kind of analysis should help you to identify which business functions are essential to day-to-day business operations.

Minimize the potential impact of crises Once you’ve identified the key risks your business faces, you need to take steps to protect your business functions against them.

What constitutes an “emergency” regarding a Business Continuity Plan?

An emergency is any scenario where a business can no longer operate as usual. This may include a natural disaster like a fire, flood, or tornado, but may also include events like a power outage, bomb threat, compliance breach, active shooter, cyberattack, employee injury, or an interruption within the chain of command or supply chain. Every business needs to review their ability to respond to threats proactively and prepare a BCP to ensure minimal disruption, and remain competitive following a threat.

What is Crisis Management vs. Business Continuity?

During a crisis, your organization is expected to execute the crisis management plan and during a disaster, the business continuity plan. The decision making process for the management of the crisis or catastrophe is shouldered by the senior management team. The execution of the necessary crisis response and should there be a denial of access to the “people, techniques and infrastructure,” the recovery activities in accordance with recovery strategies and business continuity plans will be executed.

What is perplexing is the overlapping of activities for the crisis response and continuity of operations. It is good to begin any dialogue from the definition of a crisis and disaster. The question to ask when the incident occur, “Is this a crisis or a disaster?” For the readers, this is the start of an extended dialogue as the whole concept on the differences can’t be concluded here.

What should a Business Continuity Plan include?

Business Continuity Plans are complicated and vary from company to company. You must tailor your efforts to best fit your organization’s specific requirements. When creating your plan it is always advisable to seek outside counsel, and input from various subject matter experts outside the organization. At Chesley Brown, we help guide clients through this process to ensure they make the best decisions based on objective information. Here are some of the most common things companies look for when building their BCP:

A Business Continuity Plan generally includes:
  • Protocols for coordinating with local emergency personnel
  • Detailed instructions of where to go during an emergency
  • Goals and objectives
  • Information on data backups and site backups
  • Key roles and responsibilities
  • List of tasks required to keep operations moving
  • Detailed list of your most critical assets
  • Plan maintenance protocols
  • Policy, purpose, and scope of plans
  • Risk mitigation plans
Why do Business Continuity Plans matter?

Business Continuity Plans are an essential part of any business. Threats, disruptions, and failures will cause a loss in revenue and higher prices so as to eventually have an effect on growth. Businesses can not rely on insurance alone, as insurance frequently only covers a fraction of the cost associated with a disaster, not to mention reputational damage. It’s essential to plan thoroughly to shield yourself from the impact of potential crises – from fire, flood or theft to IT system failure, restricted access to premises or illness of key staff.

During a crisis, your organization is expected to execute the crisis management plan and during a disaster, the business continuity plan. If, however, you’ve got a large quantity of consumers/personnel and a public facing set of services A Crisis Management Plan (CMP) is a fundamental part of your BCP.

What’s the difference between Emergency Preparedness and Business Continuity

It’s especially important for organizations to understand the difference between emergency preparedness and business continuity in order to ensure that they are correctly accounting for each. Related terms include phrases Emergency Preparedness and Business Continuity, Emergency preparedness, business continuity, crisis response, and emergency management. With so many similar terms flying around it is no wonder many people continue to confuse these and other related terms — often discussed as if they are synonyms that all refer to the process of responding to and mitigating a crisis event. However, while overlapping in some key activities, each is an individual competency.

Businesses that have both emergency preparedness and business continuity departments are already a step ahead, since these are distinct functions that can both make or break the success of a company. Be sure to give additional consideration to a Disaster Recovery Plan which deals with the recovery procedures to be put in place when a disaster strikes. A Disaster Recovery Plan documents the procedures, policies and actions that limit the disruption and the steps that need to be taken for recovery.

COVID-19: How a business continuity expert helps in a crisis

What would happen to your most vital infrastructure and information systems if a disaster were to hit this very second? Are you fully prepared? The novel coronavirus outbreak has revealed in stark detail how unprepared many organizations are to handle a crisis. Luckily, our experts are here to help. By applying over thirty years managing risk for organization of all sizes in both the public and private sectors; our team has the global expertise and resources needed to safeguard your business’s key operations regardless of complexity, geography, and budget.

Many business owners struggle to fully grasp the myriad risks they face. That’s why we’ve built a framework that teaches businesses how to anticipate and navigate risk before it becomes a crisis. Be sure to download your FREE copy of “The 7 Step Guide for Building Business Continuity Plans that Actually Work” for our complete list of strategies for preparing for and navigating a crisis effectively.

Contact us today to discuss how Chesley Brown can help your organization anticipate and navigate risk before it becomes a crisis.

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

How to Prepare for Economic Risk

By Chesley Brown | July 21, 2020

Best Strategies for Building Resiliency How to position your business for uncertainty If there is one aspect of business that is certain, it’s uncertainty. It might also be the understatement of the year to say…

Read More

Podcast | Risk Takers Series #2 Terry Fisher — Electronic Countermeasures

By Chesley Brown | July 14, 2020

Have you ever stopped to ask yourself what it is about your business that is truly valuable? When you really think about it, any business with a product or service has something a competitor or…

Read More

risk-takers #2 Terry Fisher — Electronic Countermeasures

By Chesley Brown | July 14, 2020

Have you ever stopped to ask yourself what it is about your business that is truly valuable? When you really think about it, any business with a product or service has something a competitor or adversary could use. And if you’re being honest, you probably haven’t fully considered all the ways they might get their hands on that information. You’ve spent years building your business, but all it takes is one bad day to compromise that dream. In this week’s episode Brent sits down with FBI Special Agent (Ret.) and engineer Terry Fisher to discuss corporate espionage, electronic countermeasures (sweeps), bugging, and the common methods bad actors have used throughout history to gain access to proprietary information.

Read More

The Risk Takers Podcast Series Launches Today!

By Chesley Brown | July 9, 2020

Chesley Brown Launches the Risk Takers Podcast Series Security Risk Management experts Chesley Brown Companies today announced the launch of “The Risk Takers Podcast Series” — a highly bingeable podcast hosted by veteran risk management…

Read More

risk-takers #1 The Aldrich Ames Espionage Case

By Chesley Brown | June 26, 2020

Dell Spry, a former FBI investigator and counterespionage expert, sits down to discuss the biggest case of insider theft in U.S. History: The Aldrich Ames Case. Hear how he, along with the help of the CIA, and the fellow FBI agents used their cunning, hard work, and old fashioned investigative work to capture and convict most infamous CIA officer-turned traitor: Aldrich Hazan “Rick” Ames. Beginning in 1985 the CIA experienced the unparalleled loss of its of Soviet assets, which nearly destroyed the government’s ability to gather intelligence on the Soviet Union. In this interview Mr. Spry discusses his personal involvement in the case as the FBI’s lead investigator including many of the investigative methods they used. Hear never before details about the harrowing investigation to not only investigate and convict the highest ranking government official ever accused of spying, but to protect future Russian assets. In 1991, the quest led them to search for a Soviet spy in the CIA. They came to identify that spy as CIA Case Officer, Aldrich Hazan “Rick” Ames, a long-time CIA case officer and analyst. In February of 1994, Ames was arrested by the FBI and sentenced to life in prison.

Read More
The 7 Step Guide for Building Business Continuity Plans that Work