| ITL3 A4.1 |
Business continuity – or BC – is the planning and implementation of a plan to ensure an organisation can remain operational after an adverse event. This video looks at what business continuity is, and how you can plan for it.
- [Instructor] Business continuity or BC, is the planning and implementation of the plan to ensure an organization can remain operational after an adverse event. In the current climate, business continuity has a higher profile than ever before. Every organization, regardless of size, is increasingly dependent on technology to generate revenue, provide services, and support customers. Fires, floods, cyber attacks or other unfortunate incidents can cause financial losses, damage the corporate brand and ultimately close a business permanently. The role of BC is to minimize the adverse effects of outages and disruptions on business operations. BC enables an organization to get back on its feet off the problems occur, reduce the risk of data loss, loss of revenue, and reputational harm. It can also help to improve operations while decreasing returns of emergencies. 168 software is a small software company based in the UK. They've recently started expansion and moved into new premises expanding their team. As the company is growing, and there are more and more customers dependent on them, they need to ensure that they can continue operations even in the face of the most severe threats. It's time for them to create and implement a business continuity plan. They start by looking at the BC planning options available to them. They assess the various BC planning software packages and document templates on the market and speak to a few of the professional BC services. They decide to use a mix of software and templates. The first step to business planning, is to conduct a business impact analysis or BIA to identify time-sensitive or business critical functions and the resources that support them. They compile this list, customer data, finished products, products in development, physical premises, people, communications, IT systems. With the list ready, they start looking at the various threats to each element. Customer data, cyber attack, theft, data corruption. Finished products, random failure of mission-critical systems, theft. Products in development, random failure of mission-critical systems. Physical premises, fire. People, epidemics/pandemic. Communications, unplanned IT and telecom outages, data corruption, cyber attack, data breach, fire, epidemic/pandemic, theft, random failure of mission-critical systems. IT systems, unplanned IT and telecom outages, cyber attack, data breach, random failure of mission-critical systems. The risks are now identified and 168 can plan to mitigate them. To prevent against cyber attacks, they upgraded IT security. To reduce risks from theft, they implemented a new secure door system and encrypted all their data. Data corruption protection comes from having a cloud-based IT backup system. To protect from IT and telecoms outages, they bought mobile phones for three different networks, and started Russa clustering, the process of combining services for more than one ISP. Data breaches are mitigated by secure encryption, the improved IT security and having a clear procedure for the lost devices. Everyone in the company has a laptop, a work mobile phone and the ability to work from home. This protects the business from the risks of fire and epidemic or pandemic. Protection from random systems failures comes from a combination of IT backup, router clustering, encryption and the business's ability to work from other premises. To ensure continued success 168 implement the last stages of that plan. Training, 168 ensure that everyone in the business has initial training and regular refreshes on the company's mitigation plans. The owners then put in place a regular review schedule for the BC plan. They review and update the plan annually, apart from those items identified as high risk, which are reviewed biannually.