Introduction:
Last year’s terrorist attacks in the US have forced many organizations to critically reevaluate the adequacy of their existing business continuity plans and disaster recovery arrangements.The tragedy highlighted how important it is for organizations to remain commercially operational under even the most exceptional circumstances. E-business, which relies heavily on IT, is particularly vulnerable, because IT failures directly limit the capability to generate revenue.
The thoroughgoing approach to business continuity planning (BCP) that I present here— called the BCP cycle—can help you avoid those pitfalls.The BCP cycle is generic enough to have practical value in a wide range of IT-related organizations, and it is process-oriented, ensuring well-guided BCP efforts and tangible results.
Business Continuity Planning Cycle:
BCP is a cyclical process; an organization should review its business continuity plan whenever it introduces changes to the business or alters its business priorities. I see the BCP process as a cycle of eight core steps, as depicted in Figure 1.
Figure 1 (next page) shows two concentric rings. The inner ring describes the core BCP process. Inseparable from BCP is the concept of business recovery planning (BRP). Even when an organization can ensure business continuity, typically with backup resources, at some point it must also recover its previous, fully functional state. The outer ring depicts the BRP process.As an organization works through each core BCP step, it must, at the same time, address BRP.
Central to the BCP cycle is the business continuity policy, which defines the organization’s holistic approach to business continuity.
The key areas covered in a good business continuity policy include:
Common Pitfalls in the Business Continuity Planning Process: