Why a Business Continuity Plan Isn’t Always Enough

Ensuring that your business will be able to bounce back from a disaster should be a top priority for any organisation. If it isn’t then perhaps you should consider the consequences of ignoring the risks of a disaster.

Let’s look at a scenario where an organisation failed to keep on track with their business continuity plan.

Company A distributes products for several different companies throughout the country; they have 15 Lorries and 10 vans. A fire breaks out in their garages and destroys all of their vehicles, meaning that they will not be able to deliver their clients products. Company A does have a business continuity plan (BCP), but it was written when the company was much smaller and the plan only has information on where they can quickly rent 3 vans – from a company which no longer exists. Their clients are receiving complaints from their customers about late deliveries, so the clients have no choice but to move on to another distribution company. Company A shuts down.

A survey shows that 70% of UK businesses fail within three years of experiencing a fire and even though Company A had a BCP, they still failed to recover.

Having a BCP isn’t enough, especially when it’s been left untouched since it was created. How do you know that your BCP is up-to-date, or that it’s even going to work? You’ll find the answer to those questions when disaster hits, but wouldn’t you rather know the answer before a disaster?

A BCP needs managing, it needs to grow when the organisation grows and it must be tested. A business continuity management system (BCMS) does exactly that, it makes your BCP part of a management system and can be integrated with other systems you might have in place including ISO 27001, ISO 90001, ISO 14001 and more. If it is aligned with the business continuity standard ISO 22301 it will enable you to:

  • Demonstrate to key stakeholders (customers, suppliers and partners) that your organisation is resilient
  • Increase your competitive advantage and enhance your reputation
  • Is internationally recognised
  • Increases customer loyalty and trust
  • Protect your financial income and business assets
  • Save costs by reducing costs of tendering
  • Comply with all mandatory legal and regulatory requirements

If Company A had an ISO 22301 certified BCMS, they’d be able to win much more clients as they can demonstrate through an internationally recognised certification that they have procedures in place to ensure they can operate as normal in the event of business disruption.

A Managers Guide to ISO 22301 provides practical guidance on developing and implementing a business continuity management system certifiable to ISO 22301. The author, Tony Drewitt, has specialised in operational risk management and business continuity since 2001, and is currently working with several organisations to develop management systems in line with IS0 22301.

If safeguarding your organisations future is important to you then read this book >>> A Manager’s Guide to ISO22301.