BUSINESS CONTINUITY Business continuity definition Business Continuity Management
BUSINESS CONTINUITY
Business continuity definition "Business Continuity Management (BCM) is a management process that helps manage the risks to the smooth running of an organisation or delivery of a service, ensuring that the business can continue in the event of a disruption. These risks could be from the external environment or from within an organisation". Civil Contingencies Act 2004 10
Business continuity some worrying facts Ignoring relevant Business Continuity statistics is a high-risk strategy for long term business survival These figures come from a survey of 500 UK Small Medium Businesses conducted by Aviva in 2011 - 50% of Small Medium Businesses admit to not having Business Continuity or Disaster Recovery Plans in place; 16% felt there was no business requirement to have a plan; and just 28% do have a plan in place Some of the other statistics in the report: - 33% believed a major incident would put them out of business for a week 31% felt it would be more like a month. Could your business survive if it was off-line for a week or a month? If you add into this some statistics from the Federation of Small Business - 80% of businesses affected by a major incident close within 18 months 90% of businesses that lose data from a disaster are forced to shut within 2 years 58% of UK organisations were disrupted by the Sept 11 th attack – 1 in 8 were seriously affected 11
Business continuity some worrying facts 12
Risk Profile - considerations Medical Emergencies Staff Injury / Accident 3 rd Party Injury / Accident Staff Illness Fire / Explosion Major Fire Localised Fire Explosion Bomb Explosion Spontaneous Ignition Neighbouring Facilities Hazardous Materials Chemical Spill On Site Neighbouring Facilities Transportation Accident On Site Transportation Accident Near Site Security Bomb Threat Civil Disturbance Industrial Action Kidnap / Extortion Workplace Violence Robbery Petty theft Terrorism Arson Sabotage Vandalism Cyber Threats Natural Hazards Coastal Storms Tidal Flooding Flash Flooding High Winds Lightning Strike Winter Storm (snow / ice) Earthquake Landslide Subsidenc e Volcano Infrastructure Hazards Telephone (landline) Failure Mobile phone failure Power Failure Water Supply Failure Gas Supply Failure Sprinkler Leakage Roof leakage Legionella Key equipment failure Sewage / Drainage Failure HVAC Failure Building Collapse Vibration Corrosion Environmental Hazards Nuclear Power Plant within 50 miles Dust Fungus / Mildew / Rot Moths / Vermin Proximity to Major Highways Proximity to Rail Lines Proximity to Dams Proximity to Chemical Stocks Flood Plain Information Technology Hardware Failure Software Failure / Data Loss Virus Attack Malicious Denial of Access Unauthorised Access to Network Legal / Regulatory Competition / anti-trust Corruption / bribery Intellectual property Patent / IP infringement Non-compliance with the law Product safety Behavioural non-adherence to processes Vehicle performance testing On-site vehicle movement
RECOMMENDATIONS SUMMARY Consider all impacts, Internal and External Look at probability and Impact Create a plan Have a ‘Site Infrastructure’ Plan Create Crisis Management Team Identify Command centres (on-site & off-site) Create Grab Bag with Emergency resources Establish protocols on communication Consider Site Evacuation Method Consider Associate Call in systems.
QUESTIONS
- Slides: 8