Comments
Two out of five enterprises that experience a disaster go out of business within five years – Gartner.
According to an India survey conducted by the Enterprise Risk Services division of Deloitte in association with The Business Continuity Institute, UK, a majority of business sectors indicated they have a comprehensive Business Continuity Management programme in place.
However, on closer look, it was clear that there were some anomalies in the BCM programme implemented by various organisations — such as inadequate allocation of budget and personnel. Also, while a majority of respondents indicated that the senior management was involved in the implementation and maintenance, the programme was, largely IT-centric and owned by the IT, administration, and other departments.
The basics of BCM
This raises the question whether organisations see business continuity management merely as an IT Disaster Recovery Plan. Many seem to think that a robust IT disaster recovery automatically implies that business continuity is taken care of — and this is alarming!
Going back to basics, BCM is much more than having a disaster recovery site in place, or restoring data from back-ups in external storage devices. It is about ensuring that your products and services are available to clients even when your business has been hit by a disruption. Like all management systems, the BCM programme should be a holistic one that takes into account people and processes is addition to technology. BCM is a business issue — not just a technological process.
Another key question is: What is the level of business continuity preparedness needed for one’s organisation vis-à-vis other organisations?
Benchmarking with a peer group can help you answer this question, as well as identify practices that promise superior performance.
By understanding your organisation’s strengths and weaknesses within the BCM framework, and measuring it against key industry benchmarks, the team will be better equipped to decide on effective ways to mitigate risks, and implement the BCM programme initiatives more efficiently.
A global standard
Any initiative without planning or a proper framework is like building a structure on a flimsy base — it is bound to crash. To provide a flexible and certifiable framework, ISO has launched an international standard: ISO 22301 — “Societal Security — Business Continuity Management Systems — Requirements”.
It specifies requirements for implementing, operating, and improving BCMS, leading to certification. The requirements are generic and intended for all organisations (or parts thereof), regardless of type, size or nature.
In short, the ISO 22301 provides a common base for business continuity professionals worldwide. This framework helps ensure you cover the minimum requirements for the implementation of BCMS.
Who can help?
Companies that take steps to strengthen their shock resilience ahead of any disruption can enjoy easier and faster recovery, as well as a competitive advantage in the marketplace.
Sundeep Nehra is Senior Director, Rahaju Pal is Director and Vikas Garg is Manager, Deloitte Touche Tohmatsu India Pvt Ltd.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.