What is Business Continuity?

Business COntinuity Plan Illustration

Before completely rewriting your Business Continuity Plan, it helps to understand the fundamentals of business continuity. I put together the following FAQ to give you a better understanding of the underlying information and provide a little more context, and hopefully answer some of your lingering questions.

Business Continuity FAQ

What is a Business Continuity Plan?

A “Business Continuity Plan” (BCP) is a documented plan that outlines the potential impact of a crisis and sets in place policies designed to help the organization recover. While disaster almost never gives us enough forewarning, a Business Continuity Plan is best created before a crisis and should always include the company’s key stakeholders. The primary goal of a BCP is to shield workers and assets for the duration of an emergency.

This involves: assessing the likelihood of a particular crisis occurring – and its possible frequency determining its possible impact on your operations This kind of analysis should help you to identify which business functions are essential to day-to-day business operations.

Minimize the potential impact of crises Once you’ve identified the key risks your business faces, you need to take steps to protect your business functions against them.

What constitutes an “emergency” regarding a Business Continuity Plan?

An emergency is any scenario where a business can no longer operate as usual. This may include a natural disaster like a fire, flood, or tornado, but may also include events like a power outage, bomb threat, compliance breach, active shooter, cyberattack, employee injury, or an interruption within the chain of command or supply chain. Every business needs to review their ability to respond to threats proactively and prepare a BCP to ensure minimal disruption, and remain competitive following a threat.

What is Crisis Management vs. Business Continuity?

During a crisis, your organization is expected to execute the crisis management plan and during a disaster, the business continuity plan. The decision making process for the management of the crisis or catastrophe is shouldered by the senior management team. The execution of the necessary crisis response and should there be a denial of access to the “people, techniques and infrastructure,” the recovery activities in accordance with recovery strategies and business continuity plans will be executed.

What is perplexing is the overlapping of activities for the crisis response and continuity of operations. It is good to begin any dialogue from the definition of a crisis and disaster. The question to ask when the incident occur, “Is this a crisis or a disaster?” For the readers, this is the start of an extended dialogue as the whole concept on the differences can’t be concluded here.

What should a Business Continuity Plan include?

Business Continuity Plans are complicated and vary from company to company. You must tailor your efforts to best fit your organization’s specific requirements. When creating your plan it is always advisable to seek outside counsel, and input from various subject matter experts outside the organization. At Chesley Brown, we help guide clients through this process to ensure they make the best decisions based on objective information. Here are some of the most common things companies look for when building their BCP:

A Business Continuity Plan generally includes:
  • Protocols for coordinating with local emergency personnel
  • Detailed instructions of where to go during an emergency
  • Goals and objectives
  • Information on data backups and site backups
  • Key roles and responsibilities
  • List of tasks required to keep operations moving
  • Detailed list of your most critical assets
  • Plan maintenance protocols
  • Policy, purpose, and scope of plans
  • Risk mitigation plans
Why do Business Continuity Plans matter?

Business Continuity Plans are an essential part of any business. Threats, disruptions, and failures will cause a loss in revenue and higher prices so as to eventually have an effect on growth. Businesses can not rely on insurance alone, as insurance frequently only covers a fraction of the cost associated with a disaster, not to mention reputational damage. It’s essential to plan thoroughly to shield yourself from the impact of potential crises – from fire, flood or theft to IT system failure, restricted access to premises or illness of key staff.

During a crisis, your organization is expected to execute the crisis management plan and during a disaster, the business continuity plan. If, however, you’ve got a large quantity of consumers/personnel and a public facing set of services A Crisis Management Plan (CMP) is a fundamental part of your BCP.

What’s the difference between Emergency Preparedness and Business Continuity

It’s especially important for organizations to understand the difference between emergency preparedness and business continuity in order to ensure that they are correctly accounting for each. Related terms include phrases Emergency Preparedness and Business Continuity, Emergency preparedness, business continuity, crisis response, and emergency management. With so many similar terms flying around it is no wonder many people continue to confuse these and other related terms — often discussed as if they are synonyms that all refer to the process of responding to and mitigating a crisis event. However, while overlapping in some key activities, each is an individual competency.

Businesses that have both emergency preparedness and business continuity departments are already a step ahead, since these are distinct functions that can both make or break the success of a company. Be sure to give additional consideration to a Disaster Recovery Plan which deals with the recovery procedures to be put in place when a disaster strikes. A Disaster Recovery Plan documents the procedures, policies and actions that limit the disruption and the steps that need to be taken for recovery.

COVID-19: How a business continuity expert helps in a crisis

What would happen to your most vital infrastructure and information systems if a disaster were to hit this very second? Are you fully prepared? The novel coronavirus outbreak has revealed in stark detail how unprepared many organizations are to handle a crisis. Luckily, our experts are here to help. By applying over thirty years managing risk for organization of all sizes in both the public and private sectors; our team has the global expertise and resources needed to safeguard your business’s key operations regardless of complexity, geography, and budget.

Many business owners struggle to fully grasp the myriad risks they face. That’s why we’ve built a framework that teaches businesses how to anticipate and navigate risk before it becomes a crisis. Be sure to download your FREE copy of “The 7 Step Guide for Building Business Continuity Plans that Actually Work” for our complete list of strategies for preparing for and navigating a crisis effectively.

Contact us today to discuss how Chesley Brown can help your organization anticipate and navigate risk before it becomes a crisis.

Posted by:

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

preventing economic espionage, trade secret theft and intellectual property theft

The Ultimate Guide for Small Businesses to Combat Economic Espionage

By Chesley Brown | January 26, 2021

For decades, the US has been a victim of economic espionage — a foe that is now costing American companies billions of dollars in lost revenue. From hacking government websites to infiltrating research institutions with…

Read More
Protestors storming the captiol in an act of civil unrest, insurection

Preventing Civil Unrest

By Chesley Brown | January 19, 2021

We’ve all recoiled in disbelief and horror as we watched scenes of violence stream across our TVs. The violent insurrection we saw in the U.S. capitol was unprecedented. That is to say nothing of the …

Read More
Vulnerability assessments and management in the new risk landscape. Threat assessment

What Achilles can Teach us About Threat Management

By Chesley Brown | January 12, 2021

By: Dell Spry There are numerous similar, seemingly inconsequential, soft targets scattered across our country unprotected by a single surveillance camera or even a strand of barbed wire. Is this issue getting the attention it…

Read More
The solarwinds supply chain hack represented by 6 locks, one of which is a different color

The SolarWinds Supply Chain Attack: What Businesses Need to Know

By Chesley Brown | January 5, 2021

What is the SolarWinds Supply Chain Attack? SolarWinds, the Austin-based cybersecurity firm, found itself in the middle of a catastrophe due to internal security lapses. The firm recently earned headlines for making it to the…

Read More
Picture of downtown Nashville Tennessee a dusk. Lessons learned from the nashville bombing

Lessons Businesses Must Learn from the Nashville Bombing

By Chesley Brown | December 30, 2020

The sound of gunfire punctuated the peaceful hush of Christmas morning. According to one witness, “It sounded like an automatic weapon.” About 10 minutes later she heard a second round of gunfire, then a third.…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work