What’s Our Plan for That?

That question usually comes from an executive after some other organization has a business crisis that makes global or national headlines. The question causes anxiety in many Business Continuity Planners.

I remember the first time I got that question. A local business had suffered a lightning strike, cutting power and frying much of their electrical and technology gear.  I can still recall the sudden panic when our CFO asked me that question: “What’s our Plan for that?”

We had no such Plan.  Had we, we should also have had Plans for tornados, hail, parking lot sinkholes, contaminated drinking water and trucks crashing through our lobby doors:  things that had happened to local businesses during the previous year.

Someone far removed from the Planning process (like my CFO) might assume that there’s “A Plan” for every eventuality.

Of course, it’s impossible to have a plan for every cause. But it is feasible to prepare for every impact.

A Business Continuity Planner’s goal is to make sure his or her organization is prepared for anything.  There really should be no “Our Plan”.  Unless that organization is a single location with a handful of employees, a single Plan is insufficient.  Plans to recover or continue critical Business Processes (or Functions), and Plans to recover individual, critical IT Applications are essential.

Each of those Plans can be designed to include strategies that enable a response to any disruption – precisely what the CFO was looking for.

How would I respond if asked that same question today?

“We have interrelated Plans that will assure a fast and effective response to any disruption – because those Plans focus on recovering from impacts, regardless of the cause.”

A focus on the dependencies of critical Business Processes (locations, people, IT applications, vendors and other Business Processes) enables the formation of Business Continuity Plans with strategies to respond to the loss of any of those dependencies.  As a result, a Plan can be used to recover from any disruption – regardless of cause.

The next time someone asks you “Do we have a Plan for that?”  What will your answer be?

Jim Mitchell

Jim Mitchell

A frequent speaker at Business Continuity conferences, many of Jim Mitchell’s blogs can be found elsewhere on eBRP’s website and has published articles in DRJ, Continuity Insights and Continuity Central. Jim has more than 20 years of experience in Business Continuity; if you don’t agree with his opinions – he won’t be surprised.

Related Posts

Insights into creating a successful Disaster Recovery Test – Part 2: Preparation

Insights into creating a successful...

Insights into creating a successful Disaster Recovery exercise – Part 1: Objectives

Insights into creating a successful...

Aligning Cyber Incident Response Planning with Your BC/DR Program

Aligning Cyber Incident Response Pl...

Cyber disruptions – and their impact on both reputations and…
What Can You Do when your BCM software Relationship Falls Apart

What Can You Do when your BCM softw...

“This isn’t working.”  “I’ve changed.”  “I don’t see a future…
Aligning BC/DR to CSIRP Challenges

Aligning BC/DR to CSIRP Challenges

The immediate reaction to a cyber-security incident is the FUD…
Technology Modeling – the eBRP Way

Technology Modeling - the eBRP Way

Definition: Technology modeling is a point-in-time snapshot of an Enterprise’s…
eBIA – The eBRP Way

eBIA - The eBRP Way

Definition: A Business Impact Analysis (BIA) is the cornerstone of…
Threats, Impacts, BCPs

Threats, Impacts, BCPs

Within Business Continuity circles there is ongoing debate about the…
The BCM Challenge: Executive Buy-In

The BCM Challenge: Executive Buy-In

As a Business Continuity Management (BCM) solution provider, the first…
DR Plans – The What, When & Who

DR Plans - The What, When & Who

As a Business Continuity practitioner with more than 20 years…