Single-use plans are used to accomplish a specific objective or to cover a designated time-period.
A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue operating during an unplanned event. Show
The BCP states the essential functions of the business, identifies which systems and processes must be sustained, and details how to maintain them. It should consider any possible business disruption. A BCP covers risks including cyber attacks, pandemics, natural disasters and human error. The array of possible risks makes it vital for an organization to have a business continuity plan to preserve its health and reputation. A proper BCP decreases the chance of a costly power outage or IT outage. IT administrators often create the plan. However, the executive staff participate in the process, providing knowledge of the company and oversight. They also ensure the BCP is regularly updated. This article is part of What is BCDR? Business continuity and disaster recovery guide
Download1 Download this entire guide for FREE now! Importance of business continuity planningBusiness continuity planning is a proactive business process that lets a company understand potential threats, vulnerabilities and weaknesses to its organization in times of crisis. The creation of a business continuity program ensures company leaders can react quickly and efficiently to business interruption. A BCP enables a company to continue to serve customers during a crisis and minimize the likelihood of customers going to competitors. These plans decrease business downtime and outline the steps to be taken -- before, during and after an emergency -- to maintain the company's financial viability. Elements of a business continuity planAccording to business continuity consultant Paul Kirvan, a BCP should contain the following items:
In the book Business Continuity and Disaster Recovery Planning for IT Professionals, Susan Snedaker recommends asking the following questions:
Business continuity planning stepsThe business continuity planning lifecycle contains these five steps:
BCP implementationOnce the business has started the planning process, it launches the BIA and RA processes to collect important data. The BIA defines the critical functions that must continue during a crisis and the resources needed to maintain those operations. The RA details the potential internal and external risks and threats, the likelihood of them happening, and the possible damage they could cause. The next step determines the best ways to deal with the risks and threats outlined in the BIA and RA, and how to limit damage from an event. A successful business continuity plan defines step-by-step procedures for response. The BCP should not be overly complex and does not need to be hundreds of pages long; it should contain just the right amount of information to keep the business running. Small businesses can use a one-page plan with all the necessary details. That can be more helpful than a long plan that is difficult to use. Those details should include the following:
Key implementation stepsThe four steps involved in implementing a BCP are the following:
BCP testingAn organization's technology, processes, staff and facilities constantly change. Therefore, regular testing, reviewing and updating of a BCP is critical. Plan testing should be undertaken using tabletop exercises, walk-throughs, practice crisis management communications and emergency enactments to test the viability of the plan and to see how employees and executives react under stress. Regular testing and maintenance ensure the BCP is current and accurate. A simple test of a business continuity plan might involve talking through it. A complex test requires a full run-through of what will happen in the event of a business disruption. The test can be planned in advance or it can be done spur of the moment to better simulate an unplanned event. If issues arise during testing, the plan should be corrected accordingly during the maintenance phase. Maintenance also includes a review of the critical functions outlined in the BIA and the risks described in the RA, as well as plan updating if necessary. A business continuity plan must be continually improved; updates should not wait for a crisis. Staff members involved in the plan must get regular updates and business continuity training. An internal or external business continuity plan audit should be used to evaluate the effectiveness of the BCP and highlight areas for improvement. Five elements required for an effective business continuity plan audit.For specific BCP testing steps, download the guide Business continuity and disaster recovery testing templates. Business continuity planning software, tools and trendsThere is help available to guide organizations through the business continuity planning process, from consultants to tools to full software. Which approach an organization should take depends on the complexity of the business continuity planning task, the amount of time and personnel available, and the budget. Before making a purchase, it is advisable to research both products and vendors, evaluate demos, and talk to other users. For more complicated functions, business continuity planning software uses databases and modules for specific exercises. The U.S. Department of Homeland Security, through its Ready.gov website, offers software in its Business Continuity Planning Suite. Other business continuity software vendors include Castellan, formed from the merger of Assurance, Avalution and ClearView in 2020; CLDigital, formerly Continuity Logic; Fusion Risk Management; Quantivate; and Sungard Availability Services. The Federal Financial Institutions Examination Council's Business Continuity Management booklet contains guidance on plan development, testing, standards and training for both financial and nonfinancial organizations. Free download of BCP templateThe role of the business continuity professional has changed and continues to evolve. As IT administrators are increasingly asked to do more with less, it is advisable for business continuity professionals to be well versed in technology, security, risk management, emergency management and strategic planning. Business continuity planning must also take into account emerging and growing technologies, such as the cloud and virtualization, as well as new threats, such as cyber attacks like ransomware. One resource that combines all these elements is SearchDisasterRecovery's free, downloadable business continuity plan template. It provides guidance and insight for creating a successful BCP. Business continuity planning standardsBusiness continuity planning standards provide a starting point. The International Organization for Standardization (ISO) 22301:2019 standard is regarded as the global standard for business continuity management. ISO 22301 is often complemented by other standards, such as the following:
Other standards include the following:
Emergency management and disaster recovery plansAn emergency management plan is a document that helps to lessen the damage of a hazardous event. Proper business continuity planning includes emergency management as an important component. The appointed emergency management team takes the lead during a business disruption. An emergency management plan, like a BCP, should be reviewed, tested and updated regularly. It should be fairly simple and provide the steps needed to get through an event. The plan also should be flexible, because situations are often fluid. Teams involved in the event of a disaster should communicate frequently during the incident. Disaster recovery plans focus on making data accessible following a disaster. Business continuity has a broader focus that includes the risk management, oversight and planning required for an organization to continue operating during a disruption.Disaster recovery (DR) and business continuity planning are often linked, but they are different. A DR plan is reactive, as it details how an organization recovers after a business disruption. A business continuity plan is a proactive approach that describes how an organization can maintain business operations during an emergency. What is singleSingle-use plans are also known as 'specific plans' since their objective is to solve a particular problem. These plans are formulated to handle a non-repetitive and unique problem. Such single-use plans cannot be used repeatedly since they become useless after they have achieved their objective.
What is a singleA single-use plan is an operational plan relates to a particular project, and it's discarded once the project is complete. Use this when the project doesn't match another project or isn't likely to be used again later. You can customize it to fit the individual project.
What type of plans is designed for a specific purpose period?An operational plan describes the specific goals and objectives and milestones set by an organization during a specific period.
Are singleOperational plans include single-use plans like budgets that apply to one specific task or time period.
|