If your organization is like most, its approach to business continuity and disaster recovery (BC/DR) has changed a lot over the years. Especially during the last ten or so. While this evolution has most likely been fueled by the adoption of new policies and procedures, standards, or even technologies, there are (and continue to be) several other driving factors. Enterprise scale, or “big picture” resiliency is almost certainly one of them.
Granted, business resiliency is not a new concept. It’s deeply rooted in IT and facilities management, which have always been key elements of your BC/DR plan. But, it has morphed into something even larger. Something that involves every facet of your business, from customer service to legal to HR, along with every change, bad or good, in normal business activities. In other words, something end-to-end.
Technology and consulting services giant, IBM, describes business resiliency as “the ability of an organization’s business operations to rapidly adapt and respond to internal or external dynamic changes—opportunities, demands, disruptions or threats—and continue operations with limited impact to business.”
As such, and according to an article published by Continuity Central, business resiliency can be thought of as spanning six discrete layers: strategy, organization, processes, data/applications, technology and facilities/security. Regardless of your role, you have the opportunity (and the responsibility) to contribute to your organization’s expanding resiliency in some form or fashion.
So, how do you take a more holistic approach to business resiliency if you’ve not done so already? Consider the three main objectives for dealing with anticipated and unexpected events, as identified by the Business Resilience Certification Consortium International (BRCCI):
Take into account BRCCI’s following five high-level requirements for a successful business resiliency program, and determine how your organization, department or particular location stacks up. (Be honest with yourself and your staff, and document the shortcomings so improvements can be made.)
Comprehensive – The program must be based on a scope that covers an organization’s end-to-end business and operational aspects. The scope includes business resilience strategies, business processes, people, IT assets and resources, non-IT assets and resources, products and services, supply chains, laws and regulations, etc.
Methodical – Ensures the program is built on a structured, systematic and analytical approach for achieving resiliency objectives.
Adaptable – Characterizes the ability of the program to adapt quickly to changing threats, circumstances and business demands (e.g., just-in-time delivery of goods or services).
Proactive – Anticipates future business changes, impacts and discontinuities, and takes preemptive actions to protect resilience goals. (Plus, capitalizes opportunities to increase shareholder values.)
Reactive – Defends and protects the organization from unexpected situations that can lead to disastrous consequences (e.g., natural disasters, pandemic threats, data breaches, supply chain disruptions, etc.)
And remember, communication and collaboration are crucial if you’re going to extend the traditional boundaries of resiliency to other areas of your business, i.e., outside the BC/DR silo. A concerted effort is required for success.
Take advantage of every opportunity to share your perspective and contribute to the “big picture.” The unique skills, expertise and experience you bring to the table as a certified BC/DR planner, C-level executive, IT professional, facilities manager or client services director, are invaluable. Not just for helping the organization to meet its business objectives, but also for supporting its move toward enterprise-scale resiliency.
Want to learn more? Check out the Business Continuity Management Futures Report 2017 and visit the OnSolve Resource Center.