Promoting Business Continuity



Similar documents
PROMOTING BUSINESS CONTINUITY. Greater Manchester Local Authority Business Continuity Group

BUSINESS CONTINUITY MANAGEMENT A Guide for Businesses In Northamptonshire

Business Continuity Planning advice for Businesses with employees

Business Continuity Planning

Expecting the unexpected. Business continuity in an uncertain world

Business Continuity Management For Small to Medium-Sized Businesses

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

GUIDANCE ON THE COMPILATION OF BUSINESS CONTINUITY PLANS. Front cover Add your logo, company name and the date the plan was last amended.

Would Your Business survive a crisis?

Business Continuity Planning

Coping with a major business disruption. Some practical advice

Each section has handy hints and advice on completing your plan along with links to further information which you can download and print.

Business Continuity Planning advice for Businesses with over 250 employees

Don t gamble with your business prepare for survival

It s the Business! Business continuity considerations for all organisations

Questionnaire. Financial Safeguarding, Assessment and Advice Services for Adults

How To Manage A Business Continuity Strategy

Business Continuity Plan Template

Harrow Business Consultative Panel. Business Continuity Management. Responsible Officer: Myfanwy Barrett Director of Finance and Business Strategy

A GUIDE TO BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY GUIDE FOR SMALL BUSINESSES

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015

Business Continuity. Introduction. Safer Business - Better Health. Issue date - December 2007

BUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF

Business Continuity Planning

Business Continuity Plan Toolkit

SCHOOLS BUSINESS CONTINUITY PLANNING GUIDANCE

BUSINESS CONTINUITY PLANNING

Business Continuity Planning in IT

Business Continuity Overcome the Challenges

BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE

East Sussex LAA Delivery Plan

Introduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT

Business Continuity Management Policy

Business Continuity Management

BUSINESS CONTINUITY PLAN

business continuity planning

Risk Management Guidelines

Business Continuity Plan Guidance and Template to support Small Businesses

A guide to business continuity jelfsmallbusiness.co.uk

Corporate Business Continuity Plan

London Local Authorities Business Continuity Guidance for Suppliers & Contractors

How To Improve The Shared Services Partnership Business Continuity Plan

Business Continuity Management. Policy Statement and Strategy

Business Continuity Business Continuity Management Policy

BS BUSINESS CONTINUITY MANAGEMENT

BUSINESS CONTINUITY MANAGEMENT POLICY

Managing risk, insurance and terrorism

Business Continuity Policy

Continuity of Operations Planning. A step by step guide for business

Auditing Business Continuity Management Plans

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Business Continuity (Policy & Procedure)

disaster recovery and contingency plan RISK MANAGEMENT MADE TO MEASURE

Will your business survive? London Chamber of Commerce and Industry. Business Continuity Planning

NHS 111 National Business Continuity Escalation Policy

Business Continuity for the Hospitality Industry

I S O I E C I N F O R M A T I O N S E C U R I T Y A U D I T T O O L

How prepared are you?

Information Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt.

Disaster Recovery Process

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

Business Continuity Management Framework

Emergency Recovery. Corporate Business Continuity Plan

Emergency Response and Business Continuity Management Policy

Business Continuity Guidance for Suppliers & Contractors. Blackburn with Darwen Borough Council

Business Continuity Planning and Disaster Recovery Planning

Business continuity resource information

[INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN

Business Continuity Management & Disaster Recovery GETTING STARTED Checklist for Local Businesses & Organisations

Overview TECHIS Manage information security business resilience activities

JOB DESCRIPTION. T&T Security and Resilience Manager. Technology and Telecommunications. Bedford, Chelmsford or Norwich

CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY AND POLICY

LFRS Business Continuity Planning

BUSINESS CONTINUITY PLAN

South Norfolk Council Business Continuity Policy

Information Security Policy. Chapter 11. Business Continuity

Mastering Disaster A DATA CENTER CHECKLIST

Charging for Pre-application Advice. WSCC Guidance Note

Review your insurance cover regularly to ensure it keeps pace with any changes in the business.

FIRST AID FOR BUSINESS

Survey Results Consultation on Outsourcing of Financial Assessment and Benefits Advice, and Financial Adults Safeguarding, Services

Business Continuity Management

University of Nottingham Emergency Procedures and Recovery Policy

Business Continuity Planning Assessment

Sanctuary Housing Association Accommodation based services in Adur and Arun Service Specification for a Housing Support Contract

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Departmental Business Continuity Framework. Part 1 Policy and Standards

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

SUBJECT: REPLACEMENT OF CORPORATE ELECTRONIC DATA STORAGE, BACKUP AND DISASTER RECOVERY SOLUTIONS

BCS Practitioner Certificate in Business Continuity Management Syllabus

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE

Business Continuity Management and BS by Steve Chan, Head of Training - HK, BSI Management Systems

Business Continuity Plan

Disaster Recovery. Tips for business survival. A Guide for businesses looking for disaster recovery November 2005

abcdefghijklmnopqrstu

The Business of Continuity

NHS Commissioning Board Business Continuity Management Framework (service resilience)

Preparing Your Business for a Flood

39 GB Guidance for the Development of Business Continuity Plans

Transcription:

SUSSEX LOC Promoting Business Continuity G R OUP S U SSEX LOCAL AUTHORITYEMERGENCY PLA NNING SUSSEX LOCALA UTHORITY EME RGEN CY P LANNING GROU P A L AUTHORITY EME RGENCY PLANNIN G GROUP Sussex Local Authority Emergency Planning Group

Emergency Planning Business Continuity The Sussex Local Authority Emergency Planning Group consists of representatives from East and West Sussex County and District/Borough Councils. Its role is to promote Local Authority Emergency Planning in accordance with the Civil Contingencies Act guidance and regulations and it is committed to promoting Business Continuity. This booklet has been produced as part of local authorities responsibilities under the Civil Contingencies Act to provide advice and assistance to businesses about Business Continuity management. What is Business Continuity Management? Business Continuity Management is a process that can be applied to any business, small or large, to help manage the risks that threaten survival. The objective is to identify hazards that may affect critical functions or activities and to ensure that these can be reduced or responded to in an effective way. Nearly 1 in 5 businesses suffer a major disruption every year More than 50% of companies, who do not have a Business Continuity Plan and are hit by a disaster, go out of business within 12 months! The process, as shown in the diagram below, is a continuing cycle of risk assessment and risk reduction. The plan is simply the written record of the process being applied to your business. Five Steps to Continuity Planning Analyse your business Rehearse your plan Assess the risks Develop your plan Develop your strategy

1. Analyse and assess the risks to your business In order to develop a Business Continuity Plan you need to have a thorough understanding of your business. This involves knowing the critical functions of your business, the effect of those functions being disrupted and the priority of those functions. This process is known as a Business Impact Analysis. If your organisation operates over multiple sites, then each site will need a separate continuity plan of its own, based on the same principles. Where is your business vulnerable? Following the analysis of your business processes formulate a list of where your business is vulnerable. Examples of critical functions are:- Staff wages Manufacture Call Centre Distribution IT Department Goods in Sales Effect on Service You should consider the importance of the function on the survival of your business (percentage of income or work load, how critical the function is to other functions, etc.) and how quickly each function must be re-established. For each of the time spans, identify what the effect of the loss of the Critical Function would be. For example, disruption to the Goods-In function could have the following effect: First 24 hours Lack of stock causing orders not to be completed on time Storage space for part-processed goods causing concern 24-48 hours Cut manufacturing hours due to lack of stock Company reputation damaged Up to one week Financial implications of missed deadlines Need to outsource work to maintain market share Up to 2 weeks Loss of customers to competitors Temporary or permanent reduction in staff numbers Analysis

Assess the Risks 2. Assess the Risks To identify risk you must look at the vulnerable areas of your business, as well as considering some of the more generic what if scenarios e.g. what if the power failed; what if a virus wiped out your IT system. Look for single points of failure in your technology or processes. The essential part of Risk Assessment is that you ask three simple questions for each risk that you identify:- 1. How likely is it to happen? 2. What impact will it have on your business? 3. What factors can reduce the likelihood or effect or mitigate the risk entirely. Always try to consider the worst case scenario when carrying out your risk assessment. This will mean that less serious incidents will be easier to manage.

Changing the ethos It is essential to have the active support of the senior team in your organisation. It is possible that during your planning you will have the opportunity to convince your staff of the importance of Business Continuity Management and promote the concept internally and externally. With this approach Business Continuity becomes the normal process of day to day activity. Business Continuity must be included in the preparation of new contracts, partnerships and business processes. It is every manager s responsibility to ensure Business Continuity is an integral part of their normal business activity. You can not do this alone! 3. Develop your Business Continuity Strategy Most likely the board will consider the options for continuity which will often be one of the following strategies: Develop strategy 1. Accept the risks and change nothing 2. Accept the risks, but make a mutual arrangement with another business (competitor/business Continuity Specialist) for help 3. Attempt to reduce the risks 4. Attempt to reduce the risks and make arrangements for help after an incident as in 2 5. Reduce all risks to the point where you should not need outside help All of these approaches will still need a detailed plan to outline the arrangements for the incident. You will also need to consider how quickly recovery will need to occur for the strategic areas of your business or various departments. It may be useful to draw a chart of the timescales involved in re-establishing certain functions. One essential decision is how you respond to risks that cannot be reduced.

Develop your Plan 4. Develop your plan Your business continuity plan should contain the key areas as listed below. This is not an exhaustive list and you may find other key pieces of information that may be required as part of your strategy. Items to include Roles and Responsibilities Make it clear who needs to do what, and who takes responsibility for each action. Always include deputies to cover key roles. Identify a Recovery Team and a Co-ordinator. Incident Checklists for key staff Use checklists that readers can follow easily First Stage Include clear, direct instructions or checklist for the crucial first hour or so after an incident Following stages Include a checklist of things that can wait until after the first hour Document Review Agree how often, when and how you will check your plan to make sure it is still current. Update your plan to reflect changes in your organisation s personnel and in the risks you might face Plan for the worst-case scenarios. If your plan covers how to get back in business if a flood destroys your whole building, it will also work if only one floor is flooded. Information from outside your business Consider getting specialist information on the roles of other organisations that may be involved in the emergency such as: Landlord If you rent your business space find out what plans and assistance your landlord or management company may be able to provide

Neighbouring businesses Nearby businesses may be affected, but you may still be able to help each other Utility companies Telephone, electricity, water, gas. Find out what they will need to know and their emergency supply procedures and their main targets for connection. Your insurance company What information do they need from you? Do you need their permission to replace damaged critical equipment immediately? Will the existence of a Plan reduce your premiums? They may also be able to give you advice. Suppliers and customers How will you contact them to tell them you have been affected by an incident, and find out what their critical timescales are? They will be affected by your decisions, so involve them if you can and they may be reassured by your planning process. Local Authority Emergency Planning Officer Find out what your local authority would do in response to a major incident Emergency Services What information will the emergency services require from you? How can you help them by ensuring access routes, and providing information (key holders etc.)? Points to remember Make your plan usable. Don t include information that will be be accessed in other places. Use existing organisational roles and responsibilities and build on them in the plan. Specify the escalation of the plan. Who decides when to invoke the special arrangements and who manages the process? How will the stand-down process be managed?

Rehearse your Plan 5. Rehearse your plan Testing and rehearsing your plan is one of the fundamental parts of contingency planning. It gives you an opportunity to test the arrangements and principles of the plan in a safe environment, without risk to the business. There are various levels of rehearsal or evaluation which can be used. They will obviously vary with cost and value, however a planning lifecycle should allow for periodic tests of different types. Table Top Exercise Test your plan using a what if? written scenario. New pieces of information can be added as the scenario unfolds, in the same way that more details would become clear in a real incident.

Communications Test With or without warning, a test message is sent out to everyone at the top of the call cascade lists in the plan(s). An audit can then take place on how well the information was communicated through your organisation. Full rehearsal A full rehearsal will show you how well different elements in your plan work together, which may not have become clear when you tested the individual parts. However, this can be an expensive way to test your plan.

What should you do next? What should you do next? If you have been inspired to consider developing a Continuity Plan for your business, start immediately. Write yourself a realistic action plan based on the five steps outlined earlier. Be realistic about timescales, and consider getting colleagues involved. Get the support of all your Senior Managers, Directors, Shareholders and Staff, only a team effort will succeed. What have you got to lose? If you don t have a Business Continuity Plan, you may be at risk of losing work to competitors, being exposed to failures in your supply chain, suffer loss of reputation and higher insurance premiums. Business Continuity affects everyone: customers, staff, the community and ultimately the economy. Be prepared, and have a Business Continuity plan.

Further information: Information on Business Continuity and Preparing for Emergencies can be found from a variety of sources:- Business Continuity Institute 0870 603 8783 Business Continuity Magazine Emergency Planning Society 0845 600 9587 www.thebci.org www.kablenet.com/bc www.emergplansoc.org.uk The Institute of Risk Management www.theirm.org MI5 Advice www.mi5.gov.uk There is a specific section on business continuity Information Survive Association UK Resilience Sussex Resilience www.survive.com www.ukresilience.info www.sussexresilience.org (from 1st April 2006) If you are interested in finding out more about Business Continuity then either contact one of the sites above or your Local Authority Emergency Planning Officer.

Contacts Adur District Council.......... www.adur.gov.uk Arun District Council.......... www.arun.gov.uk Brighton & Hove City Council... www.brighton-hove.gov.uk Chichester District Council..... www.chichester.gov.uk Crawley Borough Council...... www.crawley.gov.uk Horsham District Council....... www.horsham.gov.uk Hastings Borough Council...... www.hastings.gov.uk East Sussex County Council..... www.eastsussex.gov.uk Eastbourne Borough Council... www.eastbourne.gov.uk Lewes District Council......... www.lewes.gov.uk Mid Sussex District Council..... www.midsussex.gov.uk Rother District Council........ www.rother.gov.uk Wealden District Council....... www.wealden.gov.uk West Sussex County Council.... www.westsussex.gov.uk Worthing Borough Council..... www.worthing.gov.uk Booklet prepared by the Sussex Local Authority Emergency Planning Group. With acknowledgements to West Berkshire Council and Norfolk County Council.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information