It s the Business! Business continuity considerations for all organisations



Similar documents
The 10 Minute Business Continuity Assessment

BUSINESS CONTINUITY PLANNING THE 10-MINUTE ASSESSMENT

BUSINESS CONTINUITY ASSESSMENT CHECKLIST

Business Continuity Planning Assessment

business continuity planning

Business Continuity Planning in IT

Service Continuity Planning. A Guide for Community Pharmacists

A GUIDE TO BUSINESS CONTINUITY PLANNING

business continuity plan for:

Business Continuity Planning advice for Businesses with employees

Business Continuity Management & Disaster Recovery GETTING STARTED Checklist for Local Businesses & Organisations

Coping with a major business disruption. Some practical advice

Preparing a Disaster Recovery Plan (Church)

BUSINESS CONTINUITY PLAN

Good Security. Good Business

BUSINESS CONTINUITY PLAN

Disaster Recovery. Tips for business survival. A Guide for businesses looking for disaster recovery November 2005

Business Continuity Plan

Todd & Cue Ltd Your Business Continuity Partner

Business Continuity. Introduction. Safer Business - Better Health. Issue date - December 2007

BUSINESS CONTINUITY GUIDE FOR SMALL BUSINESSES

Yale Business Continuity Program Emergency Response Guide

Business Continuity Plan Guidance and Template to support Small Businesses

Risk Management Guidelines

How To Manage A Business Continuity Strategy

Business continuity plan

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

LFRS Business Continuity Planning

Business Continuity Planning

Tabletop Exercises. Scenario 2 Gas Leak PHASE 1

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

Business Continuity Management For Small to Medium-Sized Businesses

BUSINESS CONTINUITY PLAN

Business Continuity Plan Template

#316 The Security Elements of Business Continuity & Disaster Recovery Plans

Islington ICT Physical Security of Information Policy A council-wide information technology policy. Version 0.7 June 2014

Physical Security Policy

[INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN

CONTINUITY OF OPERATIONS PLAN TEMPLATE

BUSINESS CONTINUITY POLICY RM03

Introduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT

How To Write A Business Continuity Plan For A Personal Care Service

BUSINESS CONTINUITY PLAN and. DISASTER RECOVERY PLAN for

BUSINESS CONTINUITY PLAN

Assisted Living Facilities & Adult Care Comprehensive Emergency Management Plans

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Business Continuity Policy and Business Continuity Management System

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

COMMUNITY FLOOD PLAN

Disaster Recovery Plan Checklist

Business Continuity Template

FORMULATING YOUR BUSINESS CONTINUITY PLAN

Situation Manual Orange County Florida

Business/ Organisation Name

GUIDANCE DOCUMENT FOR COMPLETION OF RESIDENTIAL CARE ESTABLISHMENTS BUSINESS CONTINUITY PLAN TEMPLATE WEST MIDLANDS

11 Common Disaster Planning Mistakes

The handouts and presentations attached are copyright and trademark protected and provided for individual use only.

Policy Document. IT Infrastructure Security Policy

Desktop Scenario Self Assessment Exercise Page 1

Business Continuity Planning

Disaster and Pandemic Planning for Nonprofits. Continuity and Recovery Plan Template

Preparing Your Business for a Flood

HIPAA SECURITY RISK ASSESSMENT SMALL PHYSICIAN PRACTICE

Service Children s Education

Business Continuity Policy

Business Continuity Management Framework

Business Continuity Planning and Disaster Recovery Planning

RISK AND DISASTER MANAGEMENT: SOME USEFUL TOOLS AND RESOURCES FOR BUSINESSES AND ORGANISATIONS

STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

disaster recovery and contingency plan RISK MANAGEMENT MADE TO MEASURE

Fire Department Guide. Creating and Maintaining Business Continuity Plans (BCP)

ISO IEC ( ) INFORMATION SECURITY AUDIT TOOL

Contingency Planning and Disaster Recovery for BOMA

Continuity of Operations Planning. A step by step guide for business

Oadby and Wigston Borough Council. Information and Communications Technology (I.C.T.) Section

Sample Emergency and Critical Incident Policy and Procedure

University of Sunderland Business Assurance Information Security Policy

Clinic Business Continuity Plan Guidelines

Risk Options. Avoid Assume Mitigate Transfer Prevent?

FINAL. Internal Audit Report. Data Centre Operations and Security

Transcription:

It s the Business! Business continuity considerations for all organisations

It ll never happen to me That s what they all say isn t it? But it happens a lot more than you d think. Statistics show that nearly one in five organisations suffer some sort of disruption every year. All organisations, whether they are sole traders, small businesses, multi nationals, charitable causes or voluntary organisations, need certain structures in place to continue to operate. This will differ depending on the organisation, but here are a few of the usual suspects that organisations rely on: Personnel (even if it s just you!) Facilities (the work building(s) - or your house if you work from home) Utilities (gas, electricity, water and telecommunications) Equipment (furniture, vehicles and electrical goods) Files (paper documents and electronic files) Suppliers (where you get your stuff to allow you to do your stuff ) Distribution (how you supply your customers) Insurance (are you covered?) Take a quick look at the list above and think about how you rely on each one. Now think how your organisation can cope without each one for 24 hours.and for a week.and for six months. Have you really considered how your organisation would cope in an emergency, if you lose a key member of staff, if your building is damaged or if your computer system fails or other key equipment breaks down or is stolen? In the longer term, think about your organisation s reputation. If you have a good one you ll want to keep it, if it s lost it could be forever.

What is business continuity planning? Business continuity planning is about making sure you can identify risks your organisation can face, the possible impacts a disruption can have and how you can either prevent an issue from occurring or at least mitigate the effects if you can t. How well you manage a crisis may have greater outcomes for your business than the original incident. Business continuity therefore provides organisations with a means to enable a co-ordinated and effective recovery following an emergency. Business continuity planning can help to: Reduce the likelihood of service disruption Minimise the impact if disruption happens Ensure the safety of staff during an incident Enable the delivery of key business objectives Minimise the effects of any disruption to your business or services and restore business within a planned timescale Comply with statutory or legal requirements

How to develop a business continuity plan There are five key stages that make up the business continuity planning process: 1. Know your business Make a list of your critical services in priority order and consider where you could be vulnerable. The process will determine: What does your business produce? What key staff, computer systems and equipment are necessary for the delivery of that service? 2. Assess the risks How likely is an identified risk to occur? How will it affect your business? What can go wrong? How will a risk affect delivery of your service? 3. Develop your strategy Your strategy will determine: How to reduce your risks? How you can recover from disruptive incidents? 4. Develop your plan A simple generic plan will provide: A list of actions to enable you to continue your services, including contact numbers; resources, procedures including evacuation arrangements. 5. Test your plan Test the plan to identify problems. Involve your employees in the planning process and provide training.

Assessment Checklist This short assessment is a good starting point to help you consider what information you need to enable you to prepare for an emergency (internal or external) that may disrupt your organisation s service provision. The assessment is divided into sections for ease of reference; ideally you should have all these criteria fulfilled. The end column is an action column so that you don t lose sight of what still has to be done. Complete the assessment, taking on board any actions required. What do you do on Yes No Don t Action a day-to-day basis Have you considered the impact of direct risks to your business (IT failure, mechanical failures, loss of power, staff absence, fire, supply chain failure, etc.)? Have you considered the impact of external risks to your business (denial of access to your premises, theft, flooding and fire from adjoining property)? Do you have vital computer information stored on back-up systems held off premises? Staff Yes No Don t Action Do you have a list of all staff telephone numbers? Have you made a list of all key contacts telephone numbers? Do you have an up to date and regularly reviewed job description and hierarchy chart for your company? (include temporary and contract workers) Do you have staff personal information on file i.e.communication with next of kin (Include temporary and contract workers)? Are the above details held in more than one location (preferably offsite)?

Assessment Checklist Staff: Yes No Don t Action Emergency Situation Do you know where to go for advice/ information (health and safety; fire prevention; security and crime prevention; news updates)? Do your employees know who is in charge in a time of a crisis? Do you and your staff know what to do in an incident? Have you made a list of all emergency key contacts telephone numbers? Have your staff been assigned specific roles in the event of a crisis? Do you have out of hours contact procedures for your staff? Do any of your staff have medical training? Have you considered alternative working arrangements office relocation, ability to work from home, etc.? Do you have particular staff with critical and unique skills? Are the above details held in more than one location? Building Facilities Yes No Don t Action Do you have a floor/site plan of your building(s)? Does your building(s) require 24-hour 7 days access? Have you checked that all plumbing is in working order? Do you check that the heating and air conditioning is working on a regular basis? Do you carry out end of day inspections? i.e. to check everybody has left? Do you make sure that all appliances are switched off? Do you check that all doors and windows are locked?

Assessment Checklist Buildings: Yes No Don t Action Emergency Situations Have you made a list of all emergency key contacts e.g. - for buildings/ equipment maintenance, electricity, gas, water, telecommunications? Have you familiarised yourself and your staff with the location of the mains switches and valves (i.e. for electricity, gas and water)? Do you have fire safety procedures in place? Do you regularly practice fire drills? Do you have evacuation procedures for your building? Are the fire exits clearly marked? Do you have any staff trained in evacuation? Do you have primary and secondary evacuation points? Do you have an alternative building to use in an emergency? Company Equipment Yes No Don t Action Do you have someone accountable for the assets of your service? Do you have control over the movements of your equipment? Have you completed a recent inventory of your equipment? Do you have current maintenance contracts for your company equipment? Is there a security system installed? Do you have a security policy? Do you give advice or training on security to your staff? Do you have an entry procedure policy for staff/ visitors/ contractors? Are contractors checked fully (i.e. company as well as each individual)? Do you check references fully? Do you check the integrity of external fences and doors/gates etc.?

Assessment Checklist Paper Documents Yes No Don t Action Do you copy/backup your information? Do you store your paper documents in reinforced containers? Do you have copies of your files and accounts at a separate location? Is someone responsible for the upkeep of your files and accounts? Do you make sure that you have a clear desk policy? Information Technology Yes No Don t Action Are your IT systems critical to the running of your business? Do you regularly backup your information? Do you hold a copy of the backup information off-site? Do you have IT maintenance staff or a maintenance contract? Do you have a tested IT disaster recovery plan? Is your computer anti-virus software up to date? Are documented IT policies and procedures in place? Are computer errors and logs adequately monitored? Are computer errors and logs adequately monitored? Are documented IT security policies and procedures in place? Are all computer users fully aware of email and internet usage policies? Do you know how many platforms/ servers/ applications or operating systems support critical business functions? Is your company system part of a larger network? Do you know how long it would take to recover IT functions?

Assessment Checklist External Disruption Yes No Don t Action (Suppliers) Do you have the correct contact details for all your customers? Are the above details held in more than one location (preferably offsite)? Have you identified alternative suppliers? Do your key suppliers have a business continuity plan? External Disruption Yes No Don t Action (Customers) Do you have the correct contact details for all your customers? Do your customers have a Business Continuity Plan? (they may require that in future you have a Business Continuity Plan) Are the above details held in more than one location (preferably offsite)? Do you have any key customers who you will need to be in constant contact with during a crisis? Would it affect your business if one of your key customers went out of business?

Assessment Checklist Business Locality Yes No Don t Action Have you thought about the types of risk that might occur due to the actions/ operations of other businesses near to you? i.e. industrial, sewage works, risk of pollution etc.? Have you thought about the types of risk associated with the environment? e.g. water, climate, forestry, etc.? Do you have primary and secondary evacuation points? Do you have regular contact with neighbouring businesses (e.g. local business forum)? Do you have the contact details with businesses in your area? Are you aware of any emergency response procedures specific to your location (e.g. Control of Major Accident Hazard sites; shopping centre evacuation procedures; industrial estates, etc.)? Insurance Yes No Don t Action Do you have sufficient insurance to pay for disruption to business, cost of repairs, hiring temporary employees, leasing temporary accommodation and equipment? Do you have copies of your insurance company s details in order to contact them immediately at the time of the incident? Are copies of your insurance policies and insurance contact details held off-site?

Your Business Continuity Plan (BCP) The next stage of the process is for you to write a business continuity plan using the actions that were identified during completion of the checklist. If you d like more advice on how to do this, contact Gateshead Council s Resilience Team on 0191 433 3986/ 0191 433 2807 or via email at resilience@gateshead.gov.uk. Other useful websites www.thebci.org www.londonprepared.gov.uk www.bsigroup.com www.normit.org www.cabinetoffice.gov.uk www.cpni.gov.uk www.ukresilience.gov.uk www.continuitycentral.com www.mi5.gov.uk www.gov.uk

Produced by Gateshead Council February 2015

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information