In 1977, Irving Wallace and his children began publication of The Book of Lists (since updated many times). It’s a fascinating book, but only useful for making odd references at parties.
The same holds true for Business Continuity Plans. I’ve seen Plans 300 pages long – without a single word telling me what to do. Just pages and pages of lists:
- All Critical Employees (and their contact information)
- The addresses and CAD drawings of the company’s facilities
- The BIA results for every Department (and the overall company impacts)
- All the hardware in the datacenter
- An alphabetical list of Vendors
Fascinating stuff; but when smoke is billowing out of your facility’s windows – it’s practically useless.
A Plan, by definition should be a detailed proposal for doing something. That seems simple enough; but a list is not a proposal. It does not instruct, it does not inform, it does not support decision making, it does not tell anybody what to DO.
Yet there they are. Lists of all kinds, lined up like good little soldiers waiting to be deployed in the recovery of an organization. Those lists were compiled with good, but ill-advised, intentions; because nobody knows what to do with them.
It’s easy to understand why some organizations and individuals gravitate toward lists. You don’t know what will happen, you don’t know when it will happen, how long it will last or how severe it will be. So how can you possibly plan for what you can’t anticipate? If you provide lists (the thinking goes) of everything you might possibly need whenever whatever happens, you’re prepared for everything!
In reality, when something happens, the first precious hours of your response (perhaps many hours) will be squandered deciding how to use those lists to react to whatever happened – because they are not ‘a detailed proposal for doing something.
But that Book of Lists is not a total loss. Those lists are important; they consist of assets and resources that are essential to creating viable, actionable plans. Lists comprise the ‘what’ (as in “What resources do we need?”). What’s missing, of course is the ‘how’ (“How will we use those resources?”).
People resort to creating lists because they take too wide a view; you can create actionable, viable plans by narrowing our plans to specific Processes (or specific IT Applications/Systems). Every critical Business Process (one that directly or indirectly impacts the ability to deliver the organization’s critical Products and Services) is dependent upon ‘assets’.
If we know which Processes are most critical to the organization, and we know which ‘assets’ (People, Facilities, Suppliers, Resources, IT applications and other Business Processes) they depend upon, we can write actionable strategies to recover, continue or replace each of those assets. Cumulatively, those strategies (and the tasks necessary to execute them) become a real plan – not just a book of lists.
When our plan development effort aims too high (trying to create an enterprise-wide, regional, or even a Departmental plan) we are forced to plan from the top down, because of the complexity. The result is often pages and pages of lists. Focusing plan development on an individual Business Process that supports critical Products and Services – and how to restore, recover or continue the assets that Process relies on – allows us to connect-the-dots among the dependent assets in those lists, and frees us to create an actionable plan.
When something disrupts your operations, time is critical. A plan that can immediately spring into action is worth much more than a book of lists that must be analyzed and strategized before the first action can be taken.
Don’t stop compiling those lists. Just stop believing that they constitute a plan. Put them to better use connecting the dependencies to critical Business Processes and IT Applications/Systems – and creating actionable plans.
