Get the Most Out of Your Organization’s Business Continuity Plan

April 17, 2020

By Ogie Sheehy, Global CIO and CEO European Business

By now, every aspect of our personal and professional life has been impacted by COVID-19 in more ways than we can count. This pandemic has changed how we all live, how our members interact with us and how companies are operating. As we quickly adapt to navigating our ‘new normal,’ we may have discovered that our business continuity plan didn’t quite prepare us for every curveball we’ve encountered along the way.

While it may seem impossible to plan for the unthinkable, there are steps you can take to get the most out of your BCP and save your company time and money should another crisis emerge down the road. By implementing a process to continuously review, test and improve your BCP, it will prove to be one of your greatest assets when facing challenging times in the future.

Not sure if your organization’s BCP review process is comprehensive enough? Consider the following:

Is the BCP Specific & Reviewed Annually?

Start by assembling a BCP team made up of employees and scheduling an annual review of the plan. The first step for this team is to ensure that the BCP is specific to the needs of your organization. It's not unusual for BCPs to be built through a cut-and-paste style of policy creation. While this is a good place to start, it is important to customize the BCP specifically to your organization. Annually, the team should get together to review the BCP and detail any gaps in the plan. Throughout the year, new staff members may have joined, contact information may have changed etc., so it is important to ensure these details are current.

Does your Company Implement BCP Tests?

Over the last several weeks, organizations across all industries are noticing that their BCPs have not been properly tested and are too short-sighted to be effective. Have you really considered every possible scenario that may occur? Who would have thought that most of the workforce would be working from home for several weeks? It is important to have every angle covered in your BCP, which is why simulation tests should be conducted and should take a hands-on approach. The BCP team should discuss every detail, no matter how minor they may seem. This type of testing should include procedures for backing-up and restoring data, emergency internal and external communication plans, and contingency plans for email or network outages.

What is the Best Approach to Address Gaps in a BCP?

As a result of hands-on testing, your BCP team will undoubtedly be identifying gaps in your plan. The team should create a detailed action plan to close each gap, in turn enhancing the plan’s effectiveness. Be sure that each action item has an owner assigned who understands the goal of the improvement action and a clear completion date is identified. The action plan should function as a status report and identify what steps have been completed and which are outstanding. The BCP team should have weekly meetings to ensure progress is being made to complete each step. Once all improvements are complete the BCP will be refreshed and ready to execute.

Having a sound BCP is a great start, but to get the most out of your BCP it needs to be reviewed and tested on an annual basis. Periodic reviews of your BCP not only keeps your staff familiar with your plan but gives you an opportunity to continuously improve on any shortfalls that are identified along the way.

Services performed by ViClarity are compliance and not legal in nature, and do not form an attorney-client relationship or any of the protections attendant to the attorney-client relationship.