Business Continuity Planning
Submit Articles Back to Articles
Business continuity planning is one subject that is often left to the last
minute but is one of great importance.
If you wait until 'something' happens, it could be too late. I have seen
people wading in calf deep water looking for the stopcock; others reading the
instructions on a fire extinguisher in the middle of a fire.
In reality we should all know what to do in an emergency well before the
emergency happens and be prepared for most eventualities.
We have read about the terrorist attack, the dirty bomb and other major
catastrophes but it is often the 'soft' disasters which can cause irreparable
damage to a company.
One such problem occurred recently; the company uses a card entry system to
gain access to the building. The server housing the operating system failed and
prevented anyone entering the building. It was apparent that there was no manual
override; people milled around outside the building, not really knowing what to
do. Eventually someone broke a window to gain entry. Of course the alarm went
off and before it could be turned off the police were on site; embarrassment all
The company has now put a system in place to override the card system if it
fails in the future.
The winter season also means that illness will increase; how many companies
have prepared for a flu epidemic? Sadly very few.
Companies that have incorporated ISO27001 (Information Security Management
System) will have an emergency plan in place, regularly tested and validated.
This together with an IT disaster Recovery Plan will be able to deal with most
eventualities. The old saying that 'if you hope for the best but prepare for the
worst' is a good mantra to use.
Companies that have suffered major disaster, like being in the vicinity of
the Buncefield fuel depot fire, and did not have any business continuity plan
have disappeared without trace. Insurance cover just didn't mitigate all the
problems. Those companies that did have a plan in place, had difficulties but
managed to survive.
It is a pity that, as of December 2007, there are only 363 companies in the
UK certificated to ISO27001. It is a very big standard to achieve but the
benefits are huge.
About the Author
Chris Eden FIBC, MISSA, ACQI is a director of Quality Matters Limited an
established independent management consultancy specializing in
Information Security Management accreditation.
Follow us @Scopulus_News
Article Published/Sorted/Amended on Scopulus 2008-02-05 22:47:53 in Business Articles