Our business is keeping you in business

News

Business Continuity Articles and Newsletters

news

Business Continuity Awareness Week - Day 5

 

 

 

 

Importance of Testing your Business Continuity Plan Regularly

You've created a thorough, efficient and reliable Business Continuity Plan (BCP) that will protect your organisation's data from potential disasters, ranging from weather-related outages to ransomware. That means you're done, right? Not exactly.

Simply having a plan in place is not enough. Regular business continuity plan testing is key to make sure everything will work correctly in case it is needed. You probably have performed fire drills, why should disaster recovery be any different? How will you know if your business continuity strategy will work if you don't test it?

BCP testing provides a clear indication if the plan isn't meeting recovery point objective/recovery time objective requirements, and enable you to make the necessary changes to get things back up and running quickly. A BCP test can also point out vulnerabilities that may need to be addressed. Testing your disaster recovery plan helps pinpoints security holes before they make a difference. Testing will also help you gauge how a system reacts to infrastructure changes, providing insight into the health of your recovery plan.

Your business processes and infrastructure change periodically. Your employees change, and you add departments. Changes should be implemented and communicated in your testing strategy to ensure everyone is on the same page. Periodic testing allows changes to be made based on successes and failures, so preparedness is high. It is critical to test to ensure each moving part is working as it should.

How frequently you need to test will differ from company to company, but experts agree that regular BCP testing is the best way to validate a business continuity plan and keep it up to date. Some organizations may test once a year and find that sufficient, depending on their environment. But it's important to make time for testing when there are changes to the infrastructure that could affect the recovery process.

For more information or assistance with your BCM planning, contact us to talk to one of our BCM Advisors.

news

Business Continuity Awareness Week - Day 4

 

 

 

 

Business Continuity and Cyber Resilience

The ability of an organization to maintain essential functions during, as well as after, a disaster created the emergence for Business Continuity. In today's connected world, Cyber Threats is now one of the top sources of disaster for the business world. The risk of cyber attack is increasing in both frequency and severity. Businesses should no longer think about the 'if,' but rather about the 'when.'; cyber attacks will occur at some point. Protection remains critical, of course, but it is equally important to know how to respond in order to minimise damage and get back to normal operating conditions as soon as possible. This capability refers to Cyber Resilience.

Customers, business partners and regulators are all increasingly intolerant of both information systems downtime and data losses. The Mauritius Data Protection Act 2017 and the European Union’s General Data Protection Regulation (GDPR) impose heavy penalties for data breaches.

Hence, it is imperative that companies integrate cyber resilience into the broader business continuity strategy. This includes the ability to not only identify and protect against cyber attacks, but also to detect any attacks and recover from it. To achieve this integration, we recommend the following five steps:

·         Align IT and business to a cyber-resilience strategy. A critical element will be to use a common approach to enable this alignment effectively.

·         Get top management buy-in. As with most business initiatives, having executive sponsorship is critical to gain traction and receive budget. Given the importance of business continuity as a whole, inclusive of cyber resilience, this sponsorship should be at board level.

·         Get the balance between cyber risk appetite and resilience right. There is no one-size-fits-all approach. Companies must take the time to understand their particular threat landscape, and establish the appropriate response plan. Mitigating and/or remediating risks costs money.

·         Develop a comprehensive cyber strategy incorporating people, processes and technology. As with business continuity, a multi-pronged approach is required. This involves aligning of people, process and technology.

·         Create a holistic resilience culture of identify, protect, detect, respond and recover. Protection is vital but, as noted above, is unlikely to be infallible, so the ability to detect that an attack has even occurred is vital in order to trigger a suitable recovery.

For more information or assistance with your BCM planning, contact us to talk to one of our BCM Advisors.

news

Business Continuity Awareness Week - Day 3

 

 

 

 

Assigning the right people to the right roles is critical in achieving Business Continuity Management (BCM) goals

Many organisations fall short in this area. When doing a Business Continuity Plan (BCP), a limited attention is given to the roles and responsibilities of people in an organisation. In any BCP there is a set of well-defined requirements for the organisation to recover on time before an incident causes irreversible impact. Those needs and requirements are in turn assigned to tasks which is why it is vital to map the right skills of the staff to those tasks based on the company organigram. 

 The BCM plan is a living document and has to constantly adapt to the changing company circumstances as well as after a BCP testing. Similarly, the assignment of roles and responsibilities must also reflect the changing plan - and also take into account the changes in personnel as well as how well individuals actually performed in their roles.

 The aspect of people in Business Continuity are not limited to roles and competencies of the organisation’s staff. No organisation can function without its people in the first place. During and after a crisis, it is the resilience of the people that make up an organisation’s community that get it back on its feet and working again. Moreover, the International Organisation for Standardisation, an independent, international body of experts in a range of industries, including Business Continuity Management (ISO 22301), has codified the people aspects of Business Continuity in its relatively new guideline, ISO 22330.

 For more information or assistance with your BCM planning, contact us to talk to one of our BCM Advisors.


Is your company prepared for an emergency?

Call us now
Continuity Mauritius
Back to top