A Business Continuity Plan can significantly decrease the impact of a disruption or disaster to a business. If you already have one, great, check it off against our list here and be sure to review your plan at least annually, or if there is a significant change to your business. If you do not have one, hopefully this list will give you a good template to start from.
- Have a plan. First and foremost you need one before a disaster strikes. It should cover the risks of disruption to:
- Your supply chain – What if a key supplier is no longer available or has their own business continuity issue?
- Key technologies – What are the key technologies you use? What happens if it is not available?
- Staff – public transport strikes, bad weather. Do they know how to work from outside the office?
- Access to office – Can the business still operate if your office space is not available?
- Create a recovery team with contact information. These should be people who know the business processes and systems.
- Clearly document the responsibilities of each of the recovery team.
- Copy of BCP should be held by team members in a secure location (both printed and digital)
- Rehearse the plan. Schedule time for team members to review and agree the steps and their responsibilities. Let staff work from home occasionally to adjust to home working.
- Create a list of contact names and numbers for key clients and suppliers.
- Establish a secondary location for staff to work from, if necessary.
- Make sure ALL your data is being backed-up offsite
- Train employees on the plan. They should know things like what to do, where to go, how updates will be communicated
- Review the plan at least annually or if there is a significant change to the business. Update any information if necessary then re-print/re-publish.
If you would like to learn more about business continuity, a comprehensive information security program or discuss if your business should be looking beyond cyber security, feel free to reach out to us through one of the following methods:
- To contact our MD: Send an email to email@example.com
- To contact our Information Security Manager: Send an email to firstname.lastname@example.org
- Click here to submit a request for us to call back.