• Search Search Please fill out this field.
  • Business Continuity Plan Basics
  • Understanding BCPs
  • Benefits of BCPs
  • How to Create a BCP
  • BCP & Impact Analysis
  • BCP vs. Disaster Recovery Plan

Frequently Asked Questions

  • Business Continuity Plan FAQs

The Bottom Line

What is a business continuity plan (bcp), and how does it work.

a business continuity plan helps organizations to operate at what level

Pete Rathburn is a copy editor and fact-checker with expertise in economics and personal finance and over twenty years of experience in the classroom.

a business continuity plan helps organizations to operate at what level

Investopedia / Ryan Oakley

What Is a Business Continuity Plan (BCP)? 

A business continuity plan (BCP) is a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and are able to function quickly in the event of a disaster.

Key Takeaways

  • Business continuity plans (BCPs) are prevention and recovery systems for potential threats, such as natural disasters or cyber-attacks.
  • BCP is designed to protect personnel and assets and make sure they can function quickly when disaster strikes.
  • BCPs should be tested to ensure there are no weaknesses, which can be identified and corrected.

Understanding Business Continuity Plans (BCPs)

BCP involves defining any and all risks that can affect the company's operations, making it an important part of the organization's risk management strategy. Risks may include natural disasters—fire, flood, or weather-related events—and cyber-attacks . Once the risks are identified, the plan should also include:

  • Determining how those risks will affect operations
  • Implementing safeguards and procedures to mitigate the risks
  • Testing procedures to ensure they work
  • Reviewing the process to make sure that it is up to date

BCPs are an important part of any business. Threats and disruptions mean a loss of revenue and higher costs, which leads to a drop in profitability. And businesses can't rely on insurance alone because it doesn't cover all the costs and the customers who move to the competition. It is generally conceived in advance and involves input from key stakeholders and personnel.

Business impact analysis, recovery, organization, and training are all steps corporations need to follow when creating a Business Continuity Plan.

Benefits of a Business Continuity Plan

Businesses are prone to a host of disasters that vary in degree from minor to catastrophic. Business continuity planning is typically meant to help a company continue operating in the event of major disasters such as fires. BCPs are different from a disaster recovery plan, which focuses on the recovery of a company's IT system after a crisis.

Consider a finance company based in a major city. It may put a BCP in place by taking steps including backing up its computer and client files offsite. If something were to happen to the company's corporate office, its satellite offices would still have access to important information.

An important point to note is that BCP may not be as effective if a large portion of the population is affected, as in the case of a disease outbreak. Nonetheless, BCPs can improve risk management—preventing disruptions from spreading. They can also help mitigate downtime of networks or technology, saving the company money.

How to Create a Business Continuity Plan

There are several steps many companies must follow to develop a solid BCP. They include:

  • Business Impact Analysis : Here, the business will identify functions and related resources that are time-sensitive. (More on this below.)
  • Recovery : In this portion, the business must identify and implement steps to recover critical business functions.
  • Organization : A continuity team must be created. This team will devise a plan to manage the disruption.
  • Training : The continuity team must be trained and tested. Members of the team should also complete exercises that go over the plan and strategies.

Companies may also find it useful to come up with a checklist that includes key details such as emergency contact information, a list of resources the continuity team may need, where backup data and other required information are housed or stored, and other important personnel.

Along with testing the continuity team, the company should also test the BCP itself. It should be tested several times to ensure it can be applied to many different risk scenarios . This will help identify any weaknesses in the plan which can then be identified and corrected.

In order for a business continuity plan to be successful, all employees—even those who aren't on the continuity team—must be aware of the plan.

Business Continuity Impact Analysis

An important part of developing a BCP is a business continuity impact analysis. It identifies the effects of disruption of business functions and processes. It also uses the information to make decisions about recovery priorities and strategies.

FEMA provides an operational and financial impact worksheet to help run a business continuity analysis. The worksheet should be completed by business function and process managers who are well acquainted with the business. These worksheets will summarize the following:

  • The impacts—both financial and operational—that stem from the loss of individual business functions and process
  • Identifying when the loss of a function or process would result in the identified business impacts

Completing the analysis can help companies identify and prioritize the processes that have the most impact on the business's financial and operational functions. The point at which they must be recovered is generally known as the “recovery time objective.”

Business Continuity Plan vs. Disaster Recovery Plan

BCPs and disaster recovery plans are similar in nature, the latter focuses on technology and information technology (IT) infrastructure. BCPs are more encompassing—focusing on the entire organization, such as customer service and supply chain. 

BCPs focus on reducing overall costs or losses, while disaster recovery plans look only at technology downtimes and related costs. Disaster recovery plans tend to involve only IT personnel—which create and manage the policy. However, BCPs tend to have more personnel trained on the potential processes. 

Why Is Business Continuity Plan (BCP) Important?

Businesses are prone to a host of disasters that vary in degree from minor to catastrophic and business continuity plans (BCPs) are an important part of any business. BCP is typically meant to help a company continue operating in the event of threats and disruptions. This could result in a loss of revenue and higher costs, which leads to a drop in profitability. And businesses can't rely on insurance alone because it doesn't cover all the costs and the customers who move to the competition.

What Should a Business Continuity Plan (BCP) Include?

Business continuity plans involve identifying any and all risks that can affect the company's operations. The plan should also determine how those risks will affect operations and implement safeguards and procedures to mitigate the risks. There should also be testing procedures to ensure these safeguards and procedures work. Finally, there should be a review process to make sure that the plan is up to date.

What Is Business Continuity Impact Analysis?

An important part of developing a BCP is a business continuity impact analysis which identifies the effects of disruption of business functions and processes. It also uses the information to make decisions about recovery priorities and strategies.

FEMA provides an operational and financial impact worksheet to help run a business continuity analysis.

These worksheets summarize the impacts—both financial and operational—that stem from the loss of individual business functions and processes. They also identify when the loss of a function or process would result in the identified business impacts.

Business continuity plans (BCPs) are created to help speed up the recovery of an organization filling a threat or disaster. The plan puts in place mechanisms and functions to allow personnel and assets to minimize company downtime. BCPs cover all organizational risks should a disaster happen, such as flood or fire.  

Federal Emergency Management Agency. " Business Process Analysis and Business Impact Analysis User Guide ," Pages 15 - 17. Accessed Sept. 5, 2021.

a business continuity plan helps organizations to operate at what level

  • Terms of Service
  • Editorial Policy
  • Privacy Policy
  • Your Privacy Choices

U.S. flag

An official website of the United States government

Here’s how you know

world globe

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

a business continuity plan helps organizations to operate at what level

Business Continuity Planning

world globe

Organize a business continuity team and compile a  business continuity plan  to manage a business disruption. Learn more about how to put together and test a business continuity plan with the videos below.

Business Continuity Plan Supporting Resources

  • Business Continuity Plan Situation Manual
  • Business Continuity Plan Test Exercise Planner Instructions
  • Business Continuity Plan Test Facilitator and Evaluator Handbook

Business Continuity Training Videos

The Business Continuity Planning Suite is no longer supported or available for download.

feature_mini img

Business Continuity Training Introduction

An overview of the concepts detailed within this training. Also, included is a humorous, short video that introduces viewers to the concept of business continuity planning and highlights the benefits of having a plan. Two men in an elevator experience a spectrum of disasters from a loss of power, to rain, fire, and a human threat. One man is prepared for each disaster and the other is not.

View on YouTube

Business Continuity Training Part 1: What is Business Continuity Planning?

An explanation of what business continuity planning means and what it entails to create a business continuity plan. This segment also incorporates an interview with a company that has successfully implemented a business continuity plan and includes a discussion about what business continuity planning means to them.

Business Continuity Training Part 2: Why is Business Continuity Planning Important?

An examination of the value a business continuity plan can bring to an organization. This segment also incorporates an interview with a company that has successfully implemented a business continuity plan and includes a discussion about how business continuity planning has been valuable to them.

Business Continuity Training Part 3: What's the Business Continuity Planning Process?

An overview of the business continuity planning process. This segment also incorporates an interview with a company about its process of successfully implementing a business continuity plan.

Business Continuity Training Part 3: Planning Process Step 1

The first of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should “prepare” to create a business continuity plan.

Business Continuity Training Part 3: Planning Process Step 2

The second of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should “define” their business continuity plan objectives.

Business Continuity Training Part 3: Planning Process Step 3

The third of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should “identify” and prioritize potential risks and impacts.

Business Continuity Training Part 3: Planning Process Step 4

The fourth of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should “develop” business continuity strategies.

Business Continuity Training Part 3: Planning Process Step 5

The fifth of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should define their “teams” and tasks.

Business Continuity Training Part 3: Planning Process Step 6

The sixth of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should “test” their business continuity plans. View on YouTube

Last Updated: 12/21/2023

Return to top

  • Developing Your MVP
  • Incident Management
  • Needs Assessment Process
  • Product Development From Ideation to Launch
  • Visualizing Competitive Landscape
  • Communication Plan
  • Graphic Organizer Creator
  • Fault Tree Software
  • Bowman's Strategy Clock Template
  • Decision Matrix Template
  • Communities of Practice
  • Goal Setting for 2024
  • Meeting Templates
  • Meetings Participation
  • Microsoft Teams Brainstorming
  • Retrospective Guide
  • Skip Level Meetings
  • Visual Documentation Guide
  • Weekly Meetings
  • Affinity Diagrams
  • Business Plan Presentation
  • Post-Mortem Meetings
  • Team Building Activities
  • WBS Templates
  • Online Whiteboard Tool
  • Communications Plan Template
  • Idea Board Online
  • Meeting Minutes Template
  • Genograms in Social Work Practice
  • How to Conduct a Genogram Interview
  • How to Make a Genogram
  • Genogram Questions
  • Genograms in Client Counseling
  • Understanding Ecomaps
  • Visual Research Data Analysis Methods
  • House of Quality Template
  • Customer Problem Statement Template
  • Competitive Analysis Template
  • Creating Operations Manual
  • Knowledge Base
  • Folder Structure Diagram
  • Online Checklist Maker
  • Lean Canvas Template
  • Instructional Design Examples
  • Genogram Maker
  • Work From Home Guide
  • Strategic Planning
  • Employee Engagement Action Plan
  • Huddle Board
  • One-on-One Meeting Template
  • Story Map Graphic Organizers
  • Introduction to Your Workspace
  • Managing Workspaces and Folders
  • Adding Text
  • Collaborative Content Management
  • Creating and Editing Tables
  • Adding Notes
  • Introduction to Diagramming
  • Using Shapes
  • Using Freehand Tool
  • Adding Images to the Canvas
  • Accessing the Contextual Toolbar
  • Using Connectors
  • Working with Tables
  • Working with Templates
  • Working with Frames
  • Using Notes
  • Access Controls
  • Exporting a Workspace
  • Real-Time Collaboration
  • Notifications
  • Meet Creately VIZ
  • Unleashing the Power of Collaborative Brainstorming
  • Uncovering the potential of Retros for all teams
  • Collaborative Apps in Microsoft Teams
  • Hiring a Great Fit for Your Team
  • Project Management Made Easy
  • Cross-Corporate Information Radiators
  • Creately 4.0 - Product Walkthrough
  • What's New

Understanding the Essentials of a Business Continuity Plan

hero-img

In the face of unforeseen disruptions, a robust business continuity plan (BCP) is essential to preserve the trust of stakeholders. If you are able to seamlessly continue operations even in the face of sudden challenges, stakeholders are reassured of the company’s resilience and commitment to their interests.

In this blog post, we offer a comprehensive guide to business continuity planning, how it can benefit organizations and share key insights into Developing and Maintaining an Effective business continuity plan.

What is a Business Continuity Plan?

A business continuity plan (BCP) is an essential blueprint that outlines how a company will continue operating during an unplanned disruption in service. It’s more than just a reactive strategy; it’s a proactive measure to ensure that critical business functions can continue during and after a crisis. The purpose of a BCP is to provide a systematic approach to mitigate the potential impact of disruptions and maintain business operations at an acceptable predefined level.

The role of a BCP is crucial in maintaining operations during unforeseen events such as natural disasters, cyber-attacks, or any other incident that could interrupt business processes. By having a well-structured business continuity plan, organizations can:

  • Minimize downtime and ensure that essential functions remain operational
  • Protect the integrity of data and IT infrastructure
  • Maintain customer service and preserve stakeholder trust

Why is a Business Continuity Plan Important

Immediate Response : A BCP ensures that there is a predefined action plan, minimizing downtime and demonstrating control over the situation.

Transparent Communication : Keeping stakeholders informed during a crisis promotes transparency and maintains confidence in the company’s management.

Inclusive Planning : Involve stakeholders in the business continuity plan development process. Their insights can enhance the plan’s effectiveness and ensure their needs are addressed.

Consistency in Service : By prioritizing critical operations, a BCP helps maintain the quality and consistency of services or products, which is important for customer retention.

The absence of a business continuity plan can lead to a domino effect of negative outcomes, including a tarnished reputation and the potential loss of future business. Stakeholders remember how a company responds in a crisis, and a well-executed BCP can be the difference between a temporary setback and a long-term impact on the company’s image and relationships.

Elements of a Business Continuity Plan

When exploring various business continuity plan examples, certain common elements emerge as critical for their effectiveness. These elements serve as the backbone for a robust BCP plan, ensuring that businesses can maintain operations and protect their reputation during unforeseen events. Here are some of the key components found in successful BCP examples:

Risk Assessment and Business Impact Analysis : Identifying potential threats and assessing their impact on business operations is a foundational step in any BCP plan.

Crisis Communication Plan : A clear communication strategy is essential to manage stakeholder expectations and maintain trust.

Recovery Strategies : Detailed procedures for restoring business functions and services post-disruption are indispensable.

Employee Training and Awareness : Ensuring staff are well-prepared and knowledgeable about the BCP plan is crucial for its successful implementation.

Case studies of successful BCP implementations often highlight how these elements are tailored to fit specific business models and industries. For instance, a financial institution may focus heavily on data security and regulatory compliance within their BCP, while a manufacturing business might prioritize supply chain alternatives and on-site safety protocols. Regular testing and adjustment of these plans are also a common thread, underscoring the importance of adaptability and continuous improvement in business continuity planning.

Business Continuity Plan Toolkit

exit full-screen

Business Continuity vs. Disaster Recovery

It’s important to distinguish between a business continuity plan and a disaster recovery plan. While both are vital, a BCP is broader and focuses on the continuity of the entire business, whereas a disaster recovery plan is more technical and concentrates on the recovery of specific operations, such as IT services. Understanding these differences helps organizations allocate resources effectively and ensures comprehensive preparedness for any type of disruption. Understanding when to activate a business continuity plan (BCP) versus a disaster recovery plan is crucial for maintaining operational resilience.

To ensure a comprehensive crisis management strategy, consider the following integration points:

Pre-emptive Planning : Establish clear triggers for when each plan is activated. For instance, a BCP might be initiated in the face of a supply chain disruption, while disaster recovery would come into play during a data breach or server failure.

Unified Communication : Both plans should have a coordinated communication strategy to inform stakeholders and employees about the status and steps being taken.

Regular Testing : Conduct joint drills that test both the BCP and disaster recovery plans to identify any gaps or overlaps in procedures.

Continuous Improvement : Use insights from drills and actual incidents to refine both plans, ensuring they evolve with the changing business landscape and technological advancements.

By integrating both plans, organizations can navigate crises with agility and confidence, minimizing downtime and protecting their reputation. Tools like Creately, with features such as real-time collaboration and visual project management, can help create and maintain these critical plans, ensuring that all stakeholders are on the same page and ready to act when necessary.

Crisis Communication Strategies within Business Continuity Planning

A business continuity plan (BCP) is not just about responding to the crisis at hand, but also about how you communicate during the disruptions and the decisions you make. Here are some best practices to ensure your crisis communication and decision-making processes effective:

Clear Communication Channels : Establish predefined channels for internal and external communication. This ensures that messages are consistent and reach all stakeholders promptly.

Designated Spokespersons : Identify individuals who are authorized to speak on behalf of the company during a crisis. This helps maintain a unified voice and message.

Factual Updates : Provide regular, factual updates to keep stakeholders informed. Avoid speculation and commit to transparency.

Decision-Making Protocols : Implement decision-making protocols that are clear and allow for swift action. This includes having a chain of command and predefined criteria for making critical decisions.

Training and Simulations : Regularly train your crisis management team and conduct simulations to prepare for potential scenarios. This ensures that when a crisis does occur, your team is ready to act effectively.

By integrating these best practices into your BCP plan, you can maintain control during a crisis, make informed decisions, and communicate effectively with all parties involved. Remember, the goal is to protect your company’s operations, reputation, and stakeholder relationships during unexpected events.

Utilizing Business Continuity Plan Templates and Tools

When it comes to developing a robust business continuity plan (BCP), leveraging templates can offer a significant head start. These templates serve as a foundational framework that can be customized to align with the specific requirements of your business. Here’s why using BCP templates is advantageous:

Efficiency in Development : BCP templates provide a structured approach, ensuring that all critical elements are considered without starting from scratch. This saves valuable time and resources.

Consistency Across the Organization : Templates help maintain a uniform response strategy, which is crucial for coherent and coordinated action during a crisis.

Ease of Customization : While templates offer a general outline, they are designed to be adaptable. This means you can tailor them to reflect your business’s unique operational processes, risk profile, and recovery objectives.

Incorporating features like crisis response directions into your BCP template is essential. With Creately you can,

  • Visualize these procedures on an infinite canvas, ensuring clarity and accessibility for all team members.
  • Easily modify the plan as your business evolves, with the drag-and-drop functionality, making regular testing and adjustment a seamless process.
  • Create a central repository of information by having docs, links and attachments in the notes panel of any shape in your diagram.

Key Insights for Developing and Maintaining an Effective Business Continuity Plan

A robust business continuity plan (BCP) is not a ‘set it and forget it’ document; it requires ongoing attention and refinement. Here’s why regular testing, updates, and staff training are non-negotiables in business continuity:

Financial Protection : By regularly testing your BCP, you can identify and rectify gaps that could otherwise lead to significant financial losses during a crisis. It’s not just about having a plan, but ensuring it works effectively when you need it most.

Reputational Safeguarding : Your company’s reputation is on the line when disaster strikes. A well-rehearsed BCP means your team can respond swiftly and competently, preserving stakeholder trust and customer loyalty.

Customization for Evolving Threats : The threat landscape is constantly changing. Regular BCP reviews allow you to tailor your plan to new types of risks, ensuring your business remains resilient against the unforeseen.

Empowered Employees : Training staff on the BCP turns theory into practice. When every team member knows their role in a crisis, response times improve, and confusion is minimized.

Remember, a BCP is a living document. It thrives on the feedback loop created by regular drills and updates, ensuring that when a crisis does occur, your business is prepared not just to survive, but to continue operations with minimal disruption.

Join over thousands of organizations that use Creately to brainstorm, plan, analyze, and execute their projects successfully.

More Related Articles

AI SWOT Analysis: How to Leverage Artificial Intelligence for Business Insights

Hansani has a background in journalism and marketing communications. She loves reading and writing about tech innovations. She enjoys writing poetry, travelling and photography.

Advisory boards aren’t only for executives. Join the LogRocket Content Advisory Board today →

LogRocket blog logo

  • Product Management
  • Solve User-Reported Issues
  • Find Issues Faster
  • Optimize Conversion and Adoption

How to craft an effective business continuity plan

a business continuity plan helps organizations to operate at what level

Let me take you back in time to the United Kingdom in the 1970s. Punk music was gaining popularity, and the Sex Pistols entered the punk rock scene with the force of a shooting star, capturing fans’ attention.

How To Craft An Effective Business Continuity Plan

But as quickly as they arrived, they quickly left the scene. When they broke up in 1978 after a period of internal conflicts, legal troubles, and their frontman’s imprisonment, fans were left both shocked and surprised.

Just like the Sex Pistols, plenty of companies experience rapid growth and success, only to face unexpected challenges and internal conflicts that result in their downfall.

In this article, we’ll draw inspiration from the Sex Pistols’ turbulent journey to explore the concept of business continuity planning (BCP). We’ll look at what a BCP is, why you need one and delve into the strategies and contingency measures that can help you maintain your rhythm and continuity, even when faced with the inevitable storms that can disrupt your operations.

What is a business continuity plan?

A business continuity plan describes how you’ll continue your business when disaster hits. It is a structured strategy outlining how your organization will maintain essential functions when disaster strikes, to ensure minimal downtime and guarantee that operations continue.

Why do you need a BCP in place?

The BCP is crucial and revolves around ensuring your resilience and ability to continue operating in the face of unexpected disruptions, such as natural disasters, cyberattacks, or other emergencies.

Let’s look at it a bit closer, and understand some of the key reasons to have a BCP better:

Minimize downtime

Protect revenue and reputation, compliance and legal requirements, resource allocation, maintain customer service, employee safety.

A BCP helps you minimize downtime. It does this by providing a structured approach to quickly recover and resume your critical business functions.

Example: You’re a retail company with an extensive online presence. If your website experiences a cyberattack that takes it offline, a well-prepared BCP outlines the steps to take to mitigate the attack, get your website back up in no time, and allow you to continue serving your customers.

No one likes disruptions as they result in revenue loss and can damage your reputation. A BCP helps you protect against financial losses and keep customer trust.

Example: You’re the owner of a restaurant chain with multiple locations and one of your branches has a food safety crisis. A BCP can guide you in managing the crisis, ensuring food safety compliance, and communicating effectively with customers to maintain trust in the brand and other locations.

Some industries, like the financial, and pharma industries, have regulatory requirements that mandate businesses to have BCPs in place. Failure to do so has legal and financial consequences.

Example: You’re the owner of a FinTech company. You are required by regulators to have robust BCPs to ensure customer data security and financial system stability.

When a crisis hits you need the right resources to get you back up and running. A BCP helps allocate resources effectively during a crisis, ensuring that personnel, equipment, and materials are used efficiently to address the most critical needs.

a business continuity plan helps organizations to operate at what level

Over 200k developers and product managers use LogRocket to create better digital experiences

a business continuity plan helps organizations to operate at what level

Example: You’re a manufacturing company hit by a sudden supply chain disruption because the Suez Canal is blocked again. You use your BCP to allocate available resources to meet customer demands and minimize production delays.

When all hell breaks loose you want to make sure customer experience takes a minimum blow. A BCP outlines measures to maintain customer service and communication, so customers receive timely updates and support.

Example: You run an airline and there is a labor strike. Your BCP tells you how to manage customer inquiries, rebook affected passengers, and maintain a level of service.

Let’s not forget about the well-being of your employees. During a crisis, this is a top priority. A BCP includes procedures for evacuations, remote work arrangements, and employee support.

Example: There is a fire at your workplace. The BCP outlines evacuation routes, assembly points, and contact information for employees to report their safety status.

Business continuity planning: Steps for success

That’s a lot of reasons, right? Now that we addressed the necessity and urgency of having BCP, let’s look at 5 steps to creating a successful one:

  • Analyze your company
  • Assess the risk
  • Create the procedures
  • Get the word out
  • Iterate and improve

1. Analyze your company

In this phase you conduct an analysis to identify critical activities, determine which activities must continue, which can be temporarily paused, and which can operate at a reduced capacity.

You then assess the financial impact of disruptions. This involves asking yourself the question, “How long can I operate without generating revenue and incurring recovery costs?”

As this step covers your whole company, it’s important to get key stakeholders involved from the beginning.

2. Assess the risk

Now you have a good overview of your critical processes and the impact of disruption. At this point, pivot your attention to the risks they face, how well you can handle when things don’t work as usual, and how long you can manage if things go wrong.

The goal here is to understand what could go wrong and find ways to avoid, reduce, or transfer them. This assessment will help you strengthen your preparedness and resilience.

More great articles from LogRocket:

  • How to implement issue management to improve your product
  • 8 ways to reduce cycle time and build a better product
  • What is a PERT chart and how to make one
  • Discover how to use behavioral analytics to create a great product experience
  • Explore six tried and true product management frameworks you should know
  • Advisory boards aren’t just for executives. Join LogRocket’s Content Advisory Board. You’ll help inform the type of content we create and get access to exclusive meetups, social accreditation, and swag.

Think about risks specific to your industry and location

It’s important to consider both internal (e.g. an IT system failure or employee shortage) and external threats (e.g. a natural disaster or supply chain disruption) to your critical business activities.

3. Create the procedures

Once you analyze and assess, you need to create procedures.

Develop detailed, step-by-step procedures to minimize risks to your organization’s people, operations, and assets. This can include changes to your operating model, such as using alternative suppliers or implementing remote work options.

4. Get the word out

A plan is just a plan and no one will know how to act if you don’t communicate.

This step is all about communication. Integrate the BCP into your operations, policies, and company culture, and train, test, and communicate with your employees.

And don’t forget that communication is not limited to your company only. Communicate with external stakeholders, customers, suppliers, and so forth.

5. Iterate and improve

Before implementing your BCP ensure its effectiveness.

Don’t worry there are plenty more options to test your BCP. Consider involving external stakeholders or vendors as it makes exercises more realistic. Frequently train those who are accountable for executing the BCP.

After experiencing a real incident or conducting a training exercise, update your plan to improve its ability to protect your business. Keep in mind that both your organization’s development and the circumstances you operate in change, so a regular review isn’t a luxury but a necessity.

How to structure your continuity plan

Now you have a high-level understanding, let’s look at how to structure your business continuity plan.

You can find a copy of the template I use here .

Make sure to include the following sections in your BCP:

Version history

Executive summary, functions and process prioritization, plan activation, governance and responsibilities, recovery plans, crisis communication plan, emergency location and contents, review and testing.

This section shows the revision history. It includes the version numbers of the changes made, by whom, when, and who approved the changes. The revision history allows anyone reading the BCP to understand how it has evolved over time.

The executive summary provides a brief summary of the key objectives, goals, scope, and applicability of the BCP.

This chapter outlines the critical functions and processes in scope of continuation in case of a disastrous event.

This section refers to the risk and business impact assessment outcome. Its aim is to set out what triggers the activation of the plan.

Governance and responsibilities talks about who has to act when the BCP is activated. It includes the members, a description of their responsibilities, contact details of the BCP team, and the chain of command during a crisis.

This section builds upon the business continuity strategies, specifically the one chosen when a disaster occurs. It describes the detailed recovery plans for each critical function, the procedures for restarting operations, resource allocation, and recovery time objectives (RTOs).

Here you cover the internal and external communication strategies. You also address employee awareness and training activities.

Now there is a good chance the disaster will require your crucial activities to temporarily continue at a different location. This section covers all details about the location and what needs to be available at the location.

The BCP is to be tested to reduce the risk of missing things or even worse failing. Here jot down the testing procedures and document results and lessons learned.

This section includes all appendices. Think about the following

  • Supporting documents, such as contact lists, maps, and technical specifications
  • References to external standards, guidelines, or regulations
  • Training programs for BCP team members
  • Review of insurance policies
  • Financial reserves and funding for recovery efforts
  • Procedures for keeping the BCP documentation up to date

Business continuity plan example

Earlier this year, the Koninklijke Nederlands Voetbal Bond (KNVB), which is the Royal Dutch Football Association, was hit by ransomware. The cyberattackers threatened to share personally identifiable information captured and the KNVB paid over one million euros to avoid this from happening.

What could have been done to mitigate the ransomware attack risk?

The Risk of the attack to succeed could have been mitigated with:

  • Regular data backups
  • Segmentation of networks
  • Intrusion detection systems

How to ensure business continuity in case of ransomware?

In response to the ransomware incident, and to allow for continued business as usual as soon as possible, steps could include:

  • Isolating affected systems
  • Activating backups
  • Notifying law enforcement
  • Engaging with a cybersecurity incident response team

Key takeaways

A business continuity plan (BCP) is like a safety net for your business when things go haywire. It helps you keep going, avoiding downtime, revenue loss, and reputation hits. On top of that, it’s a legal must in certain industries.

To make a solid BCP, just follow five steps: figure out what’s crucial for your business, spot the risks, plan how to bounce back, make sure everyone knows the plan, and keep fine-tuning it.

Structurally, your BCP should have sections like history, a quick guide, what’s most important, when to activate it, who’s in charge, the nitty-gritty recovery plans, how communication is done, where to go in a crisis, how to test the BCP works, and some extra info.

Featured image source: IconScout

LogRocket generates product insights that lead to meaningful action

Get your teams on the same page — try LogRocket today.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • #collaboration and communication
  • #project management

a business continuity plan helps organizations to operate at what level

Stop guessing about your digital experience with LogRocket

Recent posts:.

Ayan Basu Leader Spotlight

Leader Spotlight: Localizing global products, with Ayan Basu

Ayan Basu talks about what it’s like to work on a product that spans more than 160 countries and differs slightly in various markets.

a business continuity plan helps organizations to operate at what level

How availability heuristics shape product thinking

Availability heuristics refer to your brain preferring to use information that’s readily available at the expense of being comprehensive.

a business continuity plan helps organizations to operate at what level

Leader Spotlight: Meeting customers where they are, with Bernadette Fisher

Bernadette Fishertalks about ButcherBox’s product offerings and how they have changed over time to meet customers where they are.

What To Do If Your Customers Dont Want To Talk To You

What if your customers don’t want to talk to you?

Startups with fewer than 500 customers and startups targeting niche target audiences especially have a hard time.

a business continuity plan helps organizations to operate at what level

Leave a Reply Cancel reply

  • Artificial Intelligence
  • Generative AI
  • Business Operations
  • Cloud Computing
  • Data Center
  • Data Management
  • Emerging Technology
  • Enterprise Applications
  • IT Leadership
  • Digital Transformation
  • IT Strategy
  • IT Management
  • Diversity and Inclusion
  • IT Operations
  • Project Management
  • Software Development
  • Vendors and Providers
  • United States
  • Middle East
  • Italia (Italy)
  • Netherlands
  • United Kingdom
  • New Zealand
  • Data Analytics & AI
  • Newsletters
  • Foundry Careers
  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Copyright Notice
  • Member Preferences
  • About AdChoices
  • Your California Privacy Rights

Our Network

  • Computerworld
  • Network World

How to create an effective business continuity plan

A business continuity plan outlines procedures and instructions an organization must follow in the face of disaster, whether fire, flood, or cyberattack. Here’s how to create a plan that gives your business the best chance of surviving such an event.

Professional Meeting: Senior Businesswoman and Colleague in Discussion

The tumultuous events of the past several years have impacted practically every business. And with the number of extreme weather events, cyberattacks, and geopolitical conflicts continuing to rise, business leaders are bracing for the possibility of increasingly more frequent impactful incidents their organizations will need to respond to.

According to PwC’s 2023 Global Crisis and Resilience Survey , 96% of 1,812 business leaders said their organizations had experienced disruption in the past two years and 76% said their most serious disruption had a medium to high impact on operations.

It’s little wonder then that 89% of executives list resilience as one of their most important strategic priorities.

Yet at the same time, only 70% of respondents said they were confident in their organization’s ability to respond to disruptions, with PwC noting that its research shows that too many organizations “are lacking the foundational elements of resilience they need to be successful.”

A solid business continuity plan is one of those foundational elements.

“Every business should have the mindset that they will face a disaster, and every business needs a plan to address the different potential scenarios,” says Goh Ser Yoong, head of compliance at Advance.AI and a member of the Emerging Trends Working Group at the professional governance association ISACA.

A business continuity plan gives the organization the best shot at successfully navigating a disaster by providing ready-made directions on who should do what tasks in what order to keep the business viable.

Without such as a plan, the organization will take longer than necessary to recover from an event or incident — or may never recover at all.

What is a business continuity plan?

A business continuity plan (BCP) is a strategic playbook created to help an organization maintain or quickly resume business functions in the face of disruption, whether that disruption is caused by a natural disaster, civic unrest, cyberattack, or any other threat to business operations.

A business continuity plan outlines the procedures and instructions that the organization must follow during such an event to minimize downtime, covering business processes, assets, human resources, business partners, and more.

A business continuity plan is not the same as a disaster recovery plan , which focuses on restoring IT infrastructure and operations after a crisis. Still, a disaster recovery plan is part of the overall strategy to ensure business continuity, and the business continuity plan should inform the action items detailed in an organization’s disaster recovery plan. The two are tightly coupled, which is why they often are considered together and abbreviated as BCDR.

Why business continuity planning matters

Whether you operate a small business or a large corporation, it’s vital to retain and increase your customer base. There’s no better test of your capability to do so than right after an adverse event.

Because restoring IT is critical for most companies, numerous disaster recovery solutions are available. You can rely on IT to implement those solutions. But what about the rest of your business functions? Your company’s future depends on your people and processes. Being able to handle any incident effectively can have a positive effect on your company’s reputation and market value, and it can increase customer confidence.

Moreover, there are increasing consumer and regulatory expectations for both enterprise security and continuity today. Consequently, organizations must prioritize continuity planning to prevent not only business losses, but financial, legal, reputational, and regulatory consequences.

For example, the risk of having an organization’s “license to operate” withdrawn by a regulator or having conditions applied (retrospectively or prospectively) can adversely affect market value and consumer confidence.

Building (and updating) a business continuity plan

Whether building the organization’s first business continuity plan or updating an existing one, the process involves multiple essential steps.

Assess business processes for criticality and vulnerability: Business continuity planning “starts with understanding what’s most important to the business,” says Joe Nocera, principle in the cyber risk and regulatory practice at PwC, a professional services firm.

So the first step in building your business continuity plan is assessing your business processes to determine which are the most critical; which are the most vulnerable and to what type of events; and what are the potential losses if those processes go down for a day, a few days, or a week.

“This step essentially determines what you are trying to protect and what you are trying to keep up for systems,” says Todd Renner, senior managing director in the cybersecurity practice at FTI Consulting.

This assessment is more demanding than ever before because of the complexity of today’s hybrid workplace, the modern IT environment, and the reliance on business partners and third-party providers to perform or support critical processes.

Given that complexity, Goh says a thorough assessment requires an inventory of not only key processes but also the supporting components — including the IT systems, networks, people, and outside vendors — as well as the risks to those components.

This is essentially a business impact analysis.

Determine your organization’s RTO and RPO: The next step in building a business continuity plan is determining the organization’s recovery time objective (RTO), which is the target amount of time between point of failure and the resumption of operations, and the recovery point objective (RPO), which is the maximum amount of data loss an organization can withstand.

Each organization has its own RTO and RPO based on the nature of its business, industry, regulatory requirements, and other operational factors. Moreover, different parts of a business can have different RTOs and RPOs, which executives need to establish, Nocera says.

“When you meet with individual aspects of the business, everyone says everything [they do] is important; no one wants to say their part of the business is less critical, but in reality you have to have those challenging conversations and determinations about what is actually critical to the business and to business continuity,” he adds.

Detail the steps, roles, and responsibilities for continuity: Once that is done, business leaders should use the RTO and the RPO, along with the business impact analysis, to determine the specific tasks that need to happen, by whom, and in what order to ensure business continuity.

“It’s taking the key components of your analysis and designing a plan that outlines roles and responsibilities, about who does what. It gets into the nitty-gritty on how you’re going to keep the company up and running,” Renner explains.

One common business continuity planning tool is a checklist that includes supplies and equipment, the location of data backups and backup sites, where the plan is available and who should have it, and contact information for emergency responders, key personnel, and backup site providers.

Although the list of possible scenarios that could impact business operations can seem extensive, Goh says business leaders don’t have to compile an exhaustive list of potential incidents. Rather, they should compile a list that includes likely incidents as well as representative ones so that they can create responses that have a higher likelihood of ensuring continuity even when faced with an unimagined disaster.

“So even if it’s an unexpected event, they can pull those building blocks from the plan and apply them to the unique crisis they’re facing,” Nocera says.

The importance of testing the business continuity plan

Devising a business continuity plan is not enough to ensure preparedness; testing and practicing are other critical components.

Renner says testing and practicing offer a few important benefits.

First, they show whether or how well a plan will work.

Testing and practicing help prepare all stakeholders for an actual incident, helping them build the muscle memory needed to respond as quickly and as confidently as possible during a crisis.

They also help identify gaps in the devised plan. As Renner says: “Every tabletop exercise that I’ve ever done has been an eye-opener for everyone involved.”

Additionally, they help identify where there may be misalignment of objectives. For example, executives may have deprioritized the importance of restoring certain IT systems only to realize during a drill that those are essential for supporting critical processes.

Types and timing of tests

Many organizations test a business continuity plan two to four times a year. Experts say the frequency of tests, as well as reviews and updates, depends on the organization itself — its industry, its speed of innovation and transformation, the amount of turnover of key personnel, the number of business processes, and so on.

Common tests include tabletop exercises , structured walk-throughs, and simulations. Test teams are usually composed of the recovery coordinator and members from each functional unit.

A tabletop exercise usually occurs in a conference room with the team poring over the plan, looking for gaps and ensuring that all business units are represented therein.

In a structured walk-through, each team member walks through his or her components of the plan in detail to identify weaknesses. Often, the team works through the test with a specific disaster in mind. Some organizations incorporate drills and disaster role-playing into the structured walk-through. Any weaknesses should be corrected and an updated plan distributed to all pertinent staff.

Some experts also advise a full emergency evacuation drill at least once a year.

Meanwhile, disaster simulation testing — which can be quite involved — should still be performed annually. For this test, create an environment that simulates an actual disaster, with all the equipment, supplies and personnel (including business partners and vendors) who would be needed. The purpose of a simulation is to determine whether the organization and its staff can carry out critical business functions during an actual event.

During each phase of business continuity plan testing, include some new employees on the test team. “Fresh eyes” might detect gaps or lapses of information that experienced team members could overlook.

Reviewing and updating the business continuity plan should likewise happen on an ongoing basis.

“It should be a living document. It shouldn’t be shelved. It shouldn’t be just a check-the-box exercise,” Renner says.

Otherwise, plans go stale and are of no use when needed.

Bring key personnel together at least annually to review the plan and discuss any areas that must be modified.

Prior to the review, solicit feedback from staff to incorporate into the plan. Ask all departments or business units to review the plan, including branch locations or other remote units.

Furthermore, a strong business continuity function calls for reviewing the organization’s response in the event of an actual event. This allows executives and their teams to identify what the organization did well and where it needs to improve.

How to ensure business continuity plan support, awareness

One way to ensure your plan is not successful is to adopt a casual attitude toward its importance. Every business continuity plan must be supported from the top down. That means senior management must be represented when creating and updating the plan; no one can delegate that responsibility to subordinates. In addition, the plan is likely to remain fresh and viable if senior management makes it a priority by dedicating time for adequate review and testing.

Management is also key to promoting user awareness. If employees don’t know about the plan, how will they be able to react appropriately when every minute counts?

Although plan distribution and training can be conducted by business unit managers or HR staff, have someone from the top kick off training and punctuate its significance. It’ll have a greater impact on all employees, giving the plan more credibility and urgency.

Related content

Unleashing the power of banks’ data with generative ai, the generative ai revolution is transforming how banks work, sap names philipp herzig as chief artificial intelligence officer, adp’s cloud transformation pays dividends, from our editors straight to your inbox, show me more, why tomago aluminium reversed course on its cloud journey.

Image

Microsoft invests €3.2 billion in AI and in the cloud Germany

Image

Henkel embraces gen AI as enabler and strategic disruptor

Image

CIO Leadership Live UK with Graham OSullivan, CIO, OneFamily

Image

CIO Leadership Live Canada with Lekan Olawoye, Founder, BPTN

Image

CIO Leadership Live Australia with Brett Reedman, Chief Information Officer, Catholic Healthcare

Image

CIO Leadership Live UK with Graham O'Sullivan, CIO, OneFamily

Image

The Workplace Changes Companies Aren’t Prepared For

Image

Sponsored Links

  • Experience the comprehensive solution that provides end-to-end visibility across applications, infrastructure, and network layers. Plus improve your IT operations and enhance overall business performance. Sign up for a Free Trial and explore the benefits
  • Want to justify your IT investments faster? IDC reports on how to measure business impact.
  • Read this IDC spotlight to learn what commonly prevents value realization – and how to solve it
  • Skip to content
  • Skip to search
  • Skip to footer

What Is Business Continuity?

What is business continuity

Business continuity is an organization's ability to maintain or quickly resume acceptable levels of product or service delivery following a short-term event that disrupts normal operations. Examples of disruptions range from natural disasters to power outages.

  • Watch video (1:14)
  • Business continuity

Contact Cisco

  • Get a call from Sales

Call Sales:

  • 1-800-553-6387
  • US/CAN | 5am-5pm PT
  • Product / Technical Support
  • Training & Certification

Is business continuity the same as business resilience or disaster recovery?

Business continuity, disaster recovery, and business resilience are not the same, but they are related.

  • Business continuity is a process-driven approach to maintaining operations in the event of an unplanned disruption such as a cyber attack or natural disaster. Business continuity planning covers the entire business—processes, assets, workers, and more. It isn't focused solely on IT infrastructure and business systems.
  • Business resilience encompasses crisis management and business continuity. It requires a response to all types of risk that an organization may face. An organization that is business resilient is essentially in a constant state of "expecting the unexpected." It means continuously preparing to meet disruptions head-on, including events of extended duration that may affect more than one facility or region.
  • Disaster recovery focuses specifically on how to restore an enterprise's IT infrastructure and business systems following a disruption. It is considered an element of business continuity. A business continuity plan (BCP) might contain several disaster recovery plans, for example.

What is a business continuity strategy?

A business continuity strategy is a summary of the mitigation, crisis, and recovery plans to be implemented after a disruption to resume normal operations. "Business continuity strategy" is often used interchangeably with "business continuity plan." Both consider the broader goals, legal and regulatory requirements, personnel, and even the business's clients and partners.

What does a business continuity plan mitigate?

A relevant and well-tested BCP can help ease the negative impacts of an unexpected business disruption in many ways.

  • Financial impact: Disruptions to product supply chains and critical services to customers can directly affect sales and revenue. Downtime caused by unplanned disruptions can also result in higher costs for a business as it looks to repair operations and mitigate previously unidentified threats.
  • Reputation and brand impact: Failure to resume operations quickly and supply customers with the products or services they expect can prompt customer defections and tarnish the brand. Damage to reputation can in turn cause investors and capital sources to pull back funding, exacerbating the financial impact of a business disruption.
  • Regulatory impact: Customers and vendors are likely to complain when businesses fail to respond appropriately to disruptions, which may result in regulatory scrutiny or even censure. In highly-regulated industries, such as energy and financial services, business continuity planning is mandatory to ensure regulatory compliance.

Business continuity planning activities

A well-crafted and tested BCP can go a long way toward helping a business recover swiftly from a disruption. These are key steps a business may want to take.

Identifying critical business areas and functions

Business continuity planning begins with identifying an organization's key business areas and the critical functions within those areas. A business needs to determine and document the acceptable downtime for each area and function considered vital to operations. Then a plan to restore operations can be established, documented, and communicated.

Analyzing risks, threats, and potential impacts

Creating appropriate response scenarios requires knowing what disruptions the business could experience. An upfront analysis of risks and threats is necessary in order to prepare contingency responses to events. Organizations can also conduct a back-end analysis after an event to gather metrics and assess lessons learned. This information can drive improvements in how the business responds to disruptions.

Outlining and assigning responsibilities

A BCP details which personnel will be responsible for implementing specific aspects of the plan. It also identifies key decision-makers and a chain of command. The plan should include alternative options in case primary personnel are incapacitated or unavailable to respond to the disruption.

Defining and documenting alternatives

A business continuity plan should define and document alternative communication strategies in case telephone services or the internet are down. Enterprises should also have alternatives for mission-critical spaces such as data centers or manufacturing facilities in case buildings are damaged.

Assessing the need for critical backups

Essential equipment may be damaged or unavailable during a disruptive event. A business should consider whether it has access to backup equipment and uninterruptible power supplies (UPS) during extended power outages. Business-critical data needs to be backed up regularly, and is mandatory in many regulated industries.

Testing, training, and communication

Business continuity plans need to be tested to ensure they will be effective. (Disaster recovery plans should be tested as well.) A best practice is to conduct a plan review at least quarterly with leadership and key team members who are responsible for executing the plan.

Many companies use role-playing sessions, simulations, and other types of exercises several times per year to test their BCPs. This approach helps to identify gaps, develop strategies for improvement, and determine if more resources are needed. Targeted staff training and communicating to the whole workforce the benefits of having a business continuity plan are also vital to its success.

Related products and solutions

  • Cisco Webex Contact Center
  • Virtual Desktop Infrastructure (VDI)
  • Cisco Intersight Workload Optimizer
  • AppDynamics Application Performance Management
  • ThousandEyes End User Monitoring
  • ThousandEyes Endpoint Agents

You may also like…

  • Cisco’s Business Resiliency Strategy
  • Business Continuity Blogs
  • Business Continuity Planning

a business continuity plan helps organizations to operate at what level

Business Continuity Planning: Ensuring the Resilience of Your Organization

Let’s explore the intricacies of business continuity planning, from understanding its importance to implementing a robust strategy that safeguards your enterprise.

Published by Orgvue   November 20, 2023

Home > Resources > article > Business Continuity Planning: Ensuring the Resilience of Your Organization

In an unpredictable world, the ability to sustain your business’s essential functions and operations, even in the face of disruptions, is paramount.

a business continuity plan helps organizations to operate at what level

Business continuity planning is the framework that ensures your organization can weather storms, both literal and metaphorical.

What is Business Continuity Planning?

At its core, business continuity planning is the process of developing a proactive strategy to ensure an organization’s critical functions and operations can continue in the face of unforeseen disruptions.

It encompasses a range of activities, from risk assessment to the creation of detailed recovery plans, with the ultimate goal of minimizing downtime and ensuring the organization’s resilience.

The Importance of Business Continuity Planning

The importance of being prepared for various external and internal factors cannot be overstated. While many businesses have a standard business plan, not all of them consider the potential disruptions caused by natural calamities, economic downturns, or other unexpected events. Business continuity planning is the key to ensuring a company’s sustained operation, regardless of the challenges it may face.

Business continuity planning goes beyond the traditional business plan. While a business plan outlines goals and strategies for growth, a continuity plan focuses on how the organization will continue to function in the face of adversity. It involves identifying potential risks and developing strategies to mitigate and recover from them. Whether it’s a natural disaster, a cyberattack or an economic recession, having a well-thought-out strategic plan is essential for business survival.

One of the most significant threats to businesses is an economic downturn, such as a recession. During these challenging times, consumer spending often decreases, and businesses may face financial instability. A recession can have a ripple effect on companies of all sizes, causing decreased revenue, layoffs, and even closures.

For a detailed look at the impact of recessions on businesses, read how to prepare for a recession , which delves into strategies for navigating these challenging economic conditions.

Business strategy planning is not just about surviving during tough times; it’s also crucial for capitalizing on periods of growth. When businesses experience an upturn, they often need to scale rapidly to meet increased demand. Having a continuity plan in place allows for a smoother transition during periods of growth, ensuring that the infrastructure, resources and workforce can adapt effectively.

The financial consequences of not having a business continuity plan can be devastating. Without a plan in place, businesses are more vulnerable to unexpected disruptions, which can result in significant financial losses. These losses may come from increased downtime, lost revenue, legal liabilities, reputational damage and the costs associated with recovery efforts.

Considerations for Business Continuity Planning

Creating a robust business continuity plan is a complex task that involves a multitude of factors. Among these considerations, three key aspects stand out: cultural differences, limited resources and alignment with business objectives. A successful business strategy plan takes these factors into account to ensure that an organization can effectively respond to disruptions while maintaining its core values and strategic direction.

1. Cultural Differences

Cultural diversity is a significant consideration in business strategy planning, especially for multinational companies or organizations with a diverse workforce. Cultural differences can influence how employees perceive and respond to crises. When developing a business continuity plan, it is important to consider the following aspects:

  • Communication Styles : Different cultures have varying communication norms and hierarchies. Understanding how employees from various cultural backgrounds communicate during a crisis can help in crafting effective crisis communication strategies.
  • Decision-Making Processes : Some cultures prioritize consensus-driven decision-making, while others lean towards hierarchical authority. A business continuity plan should acknowledge these differences and provide flexibility in decision-making approaches during disruptions.
  • Crisis Response Expectations : Cultural expectations can shape how employees expect the organization to respond to a crisis. Your business strategy plan should be sensitive to these expectations and ensure that response strategies align with cultural norms.

2. Limited Resources

For many businesses, resource constraints are a reality. When developing a business continuity plan, it’s crucial to consider the organization’s resource limitations, such as budget, personnel and technology. Here are some key considerations:

  • Resource Allocation : Prioritize critical functions and allocate resources accordingly. Not all business processes are equally important, and a business continuity plan should identify and protect the most essential ones first.
  • Efficiency and Scalability : Develop strategies that focus on efficiency and scalability. Efficient resource use is critical, and a business strategy plan should outline how to adapt to changing resource constraints during a crisis.
  • Collaboration : Collaboration with external partners, such as suppliers, can be a resource-saving strategy. Establishing relationships with partners who can provide support during disruptions is a valuable aspect.

3. Business Objectives

A business continuity plan should align with the broader business objectives to ensure that it doesn’t hinder growth or innovation. Consider the following aspects:

  • Market Expansion:  If the organization’s objective is to expand into new markets, the business strategy plan should accommodate this goal. It should address the challenges and opportunities that come with market expansion, including regulatory compliance and logistical considerations.
  • Relocation or Migration : If there are plans to relocate or migrate operations, the business continuity plan should include strategies for a seamless transition. This may involve considerations such as data migration, employee relocation and continuity of customer service.
  • Competitive Landscape : Changes in the competitive landscape, such as the emergence of new competitors, can impact the organization’s continuity. The business strategy plan should be flexible enough to adapt to shifts in the competitive environment.
  • The COVID-19 pandemic forced companies to adapt rapidly, with remote work becoming the norm for many, reshaping entire industries like healthcare and e-commerce.
  • The global recession of 2008 had long-lasting effects on financial institutions and prompted regulatory changes that influenced business operations.
  • The rise of the internet transformed countless businesses, from retail to media, and required adaptation to online platforms.
  • Looking ahead, emerging technologies like artificial intelligence have the potential to disrupt industries in unprecedented ways, with automation and data-driven decision-making reshaping the future of work. These events emphasize the critical importance of adaptable and comprehensive business continuity planning to navigate the unpredictable landscape of our ever-evolving world.

Developing a Strategic Business Plan

A well structured business plan serves as a roadmap for your organization, guiding actions and decisions while enabling effective response to a dynamic business environment.

  • Conduct a comprehensive assessment of the current state of the business.
  • Review financial statements, market positioning and operational performance.
  • Identify strengths, weaknesses, opportunities and threats.
  • Evaluate the company’s internal resources and capabilities.
  • Analyze micro-environment factors such as competitors, customers, suppliers and regulatory changes.
  • Examine macro-environment factors like economic trends, technological advancements and political factors.
  • Use tools like PESTEL analysis and Porter’s Five Forces to assess the external business environment.
  • Clearly define short-term and long-term business objectives.
  • Make objectives specific, measurable, achievable, relevant and time-bound (SMART).
  • Align objectives with the company’s mission and vision.
  • Identify key operational processes that drive business success.
  • Evaluate the efficiency and effectiveness of these processes.
  • Prioritize improvements in critical areas to align with strategic objectives.
  • Plan for potential risks and uncertainties that could impact the business.
  • Create contingency and crisis management strategies.
  • Establish a risk management framework to mitigate and respond to unforeseen events.
  • Implement key performance indicators (KPIs) to track progress.
  • Regularly review and revise the business plan based on changing market conditions.
  • Adapt to emerging opportunities and challenges.
  • Ensure that the strategic plan is communicated effectively throughout the organization.
  • Secure buy-in and commitment from employees at all levels.
  • Ensure that all team members understand their roles in achieving the plan’s objectives.
  • Allocate resources, including finances and manpower, in alignment with the strategic priorities.
  • Develop a budget that reflects the financial requirements of the plan.
  • Monitor spending and adjust budgets as needed.
  • Develop a timeline and action plan for the execution of the strategic initiatives.
  • Assign responsibilities to specific teams or individuals.
  • Regularly review progress and make adjustments to stay on track.
  • Periodically evaluate the effectiveness of the strategic plan.
  • Solicit feedback from employees, customers and stakeholders.
  • Use feedback to make continuous improvements and refine the plan.
  • Establish a system for measuring and reporting progress.
  • Create dashboards or reports to communicate key metrics to stakeholders.
  • Ensure that performance data aligns with the defined objectives.
  • Incorporate sustainability and responsible growth practices into the plan.
  • Address social and environmental impacts as part of corporate responsibility.
  • Seek opportunities for sustainable growth and innovation.
  • Develop scenarios that explore alternative future situations.
  • Consider various outcomes and their implications on the business.
  • Prepare for different scenarios to enhance adaptability.
  • Leverage technology for data analytics, automation, and efficiency.
  • Stay updated on emerging technologies that can support the strategic plan.
  • Integrate technology solutions to enhance business processes.

Implementing a Business Continuity Plan

a business continuity plan helps organizations to operate at what level

 Importance of Training and Awareness:

  • Awareness:  Create awareness about the business continuity plan across the organization to foster a culture of preparedness. This includes educating employees on the potential risks and the importance of the plan.

 Consistent Review of the Plan:

  • Conduct post-incident reviews to assess the BCP’s performance after a real event and make necessary adjustments.

 Address Cultural and Technological Issues:

  • Technological Challenges: Recognize and mitigate technological hurdles that can hinder the plan’s execution, such as infrastructure limitations or cybersecurity threats. Ensure that IT systems are resilient and can support the plan.

 Software Integration:

  • Organizational design software like Orgvue can assist in visualizing and optimizing the organizational structure, enabling efficient allocation of resources and responsibilities during a disruption.

Business continuity planning is not merely a precaution but a strategic imperative for any organization. It provides a structured approach to safeguarding business operations in the face of unforeseen disruptions, thereby minimizing downtime and potential financial losses.

By fostering a culture of preparedness, training employees, regularly reviewing and adapting the plan, addressing cultural and technological issues, and leveraging software solutions like Orgvue for organizational design, businesses can ensure their resilience and adaptability in an ever-changing landscape.

For businesses with specific 1-5 year plans, the integration of business strategy planning is paramount. It aligns seamlessly with forward-looking strategies by fortifying the organization’s ability to execute those plans in the face of unexpected events.

By weaving business continuity considerations into your strategic framework, you not only protect your investments but also demonstrate your commitment to long-term success, customer trust and stakeholder confidence. The benefits of such foresight extend far beyond mitigating risk; they empower your business to thrive in an increasingly unpredictable world. Therefore, it is recommended that businesses of all sizes prioritize and integrate business continuity planning as an integral part of their strategic vision and ongoing operations.

Business Continuity Plan FAQs

● where does business continuity planning belong in an organization.

Depending on the organization’s culture, the department your business continuity plan falls under varies. IT is usually one of the most vital components of any business strategy plan, in which case it could belong under the IT department. Or, if financial impacts are your organization’s main concern, the finance department may need to run the plan.

● Who Is Responsible For the Business Continuity Plan?

The business continuity plan usually falls under the responsibility of a dedicated role or department, often led by a Business Continuity Manager, who reports to senior leadership. This individual or team is responsible for creating, implementing, and regularly updating the plan to ensure the organization’s resilience in the face of disruptions.

● Is Business Continuity Planning a Legal Requirement?

It is not always a legal requirement, but certain industries and jurisdictions may have regulations or standards that mandate organizations to have such plans in place to ensure operational resilience and preparedness for emergencies.

● What Role Can Business Continuity Planning Play In Recovering From an Incident?

It plays a crucial role in helping organizations recover from incidents by providing a structured framework to assess, respond to and mitigate the impact of disruptions, minimizing downtime and financial losses. It outlines clear procedures and responsibilities, ensuring that essential operations can resume swiftly and efficiently, thus safeguarding the organization’s reputation and maintaining stakeholder trust.

● When Should a Business Continuity Plan Be Activated?

A business continuity plan should be activated as a preventative measure in the event a disruptive incident occurs. Triggers may include natural disasters, cyberattacks, supply chain disruptions or any event that threatens the continuity of critical business functions.

Accelerate workforce transformation

Use Orgvue to streamline your organization.

Cookie preferences updated. Close

Cookie Notice  This website stores cookies on your computer which are used to collect information about how you interact with our website and allow us to remember you. We use this information to improve your browsing experience and for analytics about our visitors on this website. To find out more about the cookies we use and how we responsibly manage your personal data please see our  Cookie Notice  and  Privacy Notice.

By accepting, you are opting in to the use of cookies for marketing and analytics. Otherwise only those necessary for the site to function will be used and no personally identifiable information will be stored.

5 Step Guide to Business Continuity Planning (BCP) in 2021

A business continuity plan provides a concrete plan to maintain business cohesion in challenging circumstances. Click here for the key steps that can help you formulate a formidable BCP.

A business continuity plan (BCP) is defined as a protocol of preventing and recovering from potentially large threats to the company’s business continuity. This article explains what a business continuity plan is today, its key benefits, and a step-by-step guide to creating a formidable plan.

Table of Contents

What is a business continuity plan (bcp), key benefits of having a business continuity plan, step-by-step guide to building a formidable business continuity plan (bcp) in 2021.

A business continuity plan (BCP) is a protocol of preventing and recovering from potentially large threats to the company’s business continuity. Such a plan often aims to address the need for updated business norms and operational standards in unpredictable circumstances such as natural disasters, data breach/ exposures, large scale system failures etc. The goal of such a plan is to ensure continuity of business with no or little damage to regular working environments, including job security for its employees.

It covers everything from business processes, human resources details, and more. Essentially a BCP provides a concrete plan to the organization to maintain business continuity even in challenging circumstances. 

Below are key reasons why businesses need to have a BCP today:

  • BCP’s relevance has gone up considerably after the outbreak of the COVID-19 pandemic and was also a major testing time for organizations that did have such a plan in place. The organizations which had a business continuity plan in place were better able to cope during these unprecedented circumstances better than those who did not have any such plans.
  • The recorded number of natural disasters has increased from 375 in 2016 to 409 in 2019 Opens a new window . Globally, the loss because of natural disasters was $232 billion in 2019, according to a study by Aon Opens a new window .
  • The number of cyberattacks has also increased in all geographies and all business verticals. MonsterCloud reported that cyberattacks have skyrocketed during the COVID-19 pandemic. All this means that the organizations have to be better prepared to fight disasters. The importance of BCP can hardly be exaggerated in this context. Preparing a BCP is imperative for any enterprise, big or small, today. 

The end goal of a BCP is to ensure that the essential services continue to run in the event of an incident. For instance, if there is an earthquake where your customer service representatives operate from, your BCP will be able to tell you who will handle customer calls until the original office is restored.

Also Read: What Is Disaster Recovery? Definition, Cloud and On-premise, Benefits and Best Practices

Difference between a business continuity plan (BCP) and disaster recovery plan (DCP)

A BCP is often confused with a disaster recovery (DR) plan. While a DR plan is primarily focused on restoring the IT systems and infrastructure, a BCP is much more than that. It covers all areas and departments of the organization, including HR, marketing and sales, support functions. 

The underlying thought behind BCP is that IT systems can hardly work in silos. Other departments also need to be restored to cater to the client or for meeting the business demands. 

“Many people think a disaster recovery plan (DRP) is the same as a business continuity plan, but a DRP is only a small, yet essential, a portion of a full BCP. A DRP focuses solely on restoring an organization’s IT infrastructure while minimizing data loss. On the other hand, a BCP is a comprehensive guide on how to continue the mission and business-critical operations during a time of an unplanned disruption (natural disasters, pandemics, or malware),” says Caleb Pipkin, a security expert at Logically . 

Whether a business is small, big, or medium-sized, it needs a ‘plan B’ to recover quickly in the event of a natural disaster or a crisis and can survive the disruption. BCP helps you dust yourself and get back to business quickly and easily. It means that the enterprise will be better placed to address their customers’ needs even in the wake of a disaster. 

On the other hand, the lack of a plan means that your organization will take longer to recover from an event or incident. It could also lead to loss of business or clients. Let’s look at some key benefits of BCP.

1. It is a roadmap to act in a disaster

A well-defined business continuity plan is like a roadmap during a disruption. It allows the firms to react swiftly and effectively and maintain business continuity. In turn, this leads to a faster and complete recovery of the enterprise in the shortest possible timeframe. It brings down the business downtime and outlines the steps to be taken before, during, and after a crisis and thus helps maintain its financial viability. 

2. Offers a competitive edge

Fast reaction and business continuity during a disruption allow organizations to gain a competitive edge over its business rivals. It can translate into a significant competitive advantage in the long run. Further, your clients will be more confident in your ability to perform in adverse circumstances allowing you to build a long and sustainable relationship with your business partners.

Developing competence to act and handle any unfavorable event effectively has a positive effect on the company’s reputation and market value. It goes a long way in enhancing customer confidence. 

Also Read: Top 8 Disaster Recovery Software Companies in 2021

3. Cuts down losses

Disasters have a considerable impact on all types of business, whether big or small. Business disruption can lead to financial, legal, and reputational losses. Failure to plan could be disastrous for businesses. You may lose your customers while trying to get your business on track. In the worst circumstances, you may not be able to recover at all. A well-defined business continuity strategy minimizes the damage to an organization and allows you to bring down these losses as much as possible. 

4. Enables employment continuity and protects livelihoods

One of the most significant consequences of a disaster is the loss of employment. The loss of livelihood can be curtailed to an extent if the business continues to function in the event of a disaster. It leads to greater confidence in the workforce that their jobs might not be at risk, and the management is taking steps to protect their jobs. It helps build confidence in senior management’s ability to respond to the business disruption in a planned manner. 

5. Can be life-saving

A regularly tested and updated BCP can potentially help save the lives of the employees and the customers during a disaster. For instance, if the BCP plan for fire is regularly tested, the speed with which the workforce acts can help save lives. 

6. Preserves brand value and develops resilience

Possibly the biggest asset of an organization is its brand. Being able to perform in uncertain times helps build goodwill and maintain its brand value and may even help mitigate financial and reputational loss during a disaster. 

BCP curtails the damage to the company’s brand and finances because of a disaster event. This helps bring down the cost of any incident and thus help the company be more resilient. 

Also Read: 10 Best Practices for Disaster Recovery Planning (DRP)

7. Enables adherence to compliance requirements

Having a BCP allows organizations to have additional benefits of complying with regulatory requirements. It is a legal requirement in several countries.

8. Helps in supply chain security

A precise BCP goes a long way in protecting the supply chain from damage. It ensures continuity in delivering products and services by being able to perform critical activities.

9. Enhances operational efficiency

One of BCP’s lesser-known benefits is that it helps identify areas of operational efficiency in the organization. Developing BCP calls for an in-depth evaluation of the company’s processes. This can potentially reveal the areas of improvement. Essentially, it gathers information that can benefit in enhancing the effectiveness of the processes and operations. 

Also Read: 7 Ways to Build an Effective Disaster Recovery and Business Continuity Plan  

The COVID-19 pandemic has put the spotlight on preparing for a disaster like never before. We make the job easier for you by listing out the key steps in building a formidable business continuity plan: 

How to Build a Business Continuity Plan

How to Build a Business Continuity Plan

Step 1: Risk assessment 

This phase involves asking crucial questions to evaluate the risks faced by the company. What are the likely business threats and disruptions which are most likely to occur? What is the most profitable activity of your organization? It is vital to prioritize key risks and operations, which will help mitigate the damage in the event of a disaster. 

Step 2: Business impact analysis

The second step involves a thorough and in-depth assessment of your business processes to determine the vulnerable areas and the potential losses if those processes are disrupted. This is also known as Business Impact Analysis . 

Essentially, Business impact analysis (BIA) is a process that helps the organization define the impact if critical business operations are interrupted because of a disaster, accident, or emergency. It helps in identifying the most crucial elements of the business processes. For instance, maintaining a supply chain might be more critical during a crisis than public relations.

While there is no formal standard for a BIA, it typically involves the following steps: 

  • Collating information: As a first step, a questionnaire is prepared to find out critical business processes and resources that will help in the proper assessment of the impact of a disruptive event. One-on-one sessions with key management members may be conducted further to gain insights into the organization’s processes and workings.
  • Analysis: This is followed by analyzing the collected information. A manual or computer-assisted analysis is conducted. The analysis is based on an interruption in which crucial activities or resources are not available. Typically it works on the assumption of the worst-case scenario, even when the chances of a risk likelihood are low. This approach is followed to zero in on the systems that, when disrupted or interrupted, threaten the organization’s very survival. This way, these processes are prioritized in the business continuity plan. 

The analysis phase helps identify the minimum staff and resources required for running the organization in the event of a crisis. This also allows the organizations to assess the impact on the revenue if the business is unable to run for a day, a week, or more. There might be contractual penalties, regulatory fines, and workforce-related expenditure which need to be taken into account while finding out the impact on the business. Further, there might be specific vulnerabilities of the firm, and they need to be considered in the BIA. 

  • Preparing a report: The next step is preparing a BIA report, which is assessed by the senior management. The report is a thorough analysis of the gathered information along with findings. It also gives recommendations on the procedure that should be followed in the event of a business disruption. The BIA report also shares the impact on the revenue, supply chain, and customer delivery to the business in a specific time frame. 

The business impact analysis report may also include a checklist of all the resources, such as the names of key personnel, data backup , contact information, emergency responders, and more.

  • Presenting the report: Usually, this report goes through several amendments before being cleared by the senior management. The involvement of senior management is crucial to the success of the business continuity plan. It sends out a strong signal in the organization that it is a serious initiative. 

Also Read: Will Extreme Weather Events Affect Your Business? Lessons From the Texas Winter Storm

Step 3: BCP Testing

Several testing methods are available to test the effectiveness of the BCP. Here are a few common ones: 

  • TableTop test: As the name suggests, the identified executives go through the plan in detail to evaluate whether it will work on not. Different disaster types and the response to them are discussed at length. This type of testing is designed to make all the key personnel aware of their role in the event of a disaster. The response procedure is reviewed, and responsibilities are outlined, so everybody knows their roles.
  • Walk through: In this type of testing, the team members go through their part in the plan with a specific disaster in mind. Drills or a simulated response and disaster role-playing are part of this. This is a more thorough form of testing and likely to reveal the shortcoming in the plan. Any vulnerabilities discovered should be used to update the BCP accordingly.
  • Disaster simulation testing: In this type of testing, an environment that simulates an actual disaster is created. This is the closest to the actual event and gives the best case scenario about the plan’s workability. It will help the team find gaps that might be overlooked in the other types of tests. Document the results of your testing so you can compare the improvement from the previous tests. It will help you in strengthening your business continuity plan. 

Frequency of testing – Typically, organizations test BCP at least twice a year. At the same time, it depends on the size of your organization and the business vertical you operate in.

Step 4: Maintenance

A business continuity plan should not be treated as a one-time exercise. It needs to be maintained , so the organization’s structural and people changes are updated regularly. The key personnel might move on from the firm, and this would need to be updated in the Business Impact Analysis and BCP. The process for regular updating of the documentation should be followed to ensure that the organization is not caught on the wrong foot in case of a business disruption. 

Also Read: Offsite Data Replication: A Great Way To Meet Recovery Time Objectives

Step 5: Communication

Sometimes executives tend to ignore communication while preparing a BCP. It is a crucial aspect, and your BCP should clearly define who will maintain the communication channels with the employees, regulators, business partners, and partners during the crisis. The contact information of the key people should be readily accessible for the BCP to work without any trouble.

In the end, the organizations should accept that despite preparing a formidable business continuity plan, several factors beyond your control may still affect its success or failure. The key executives might not be available in the event of a crisis; both the primary and the alternate data recovery sites might have been affected by the event; the communications network might be damaged, and so on. Such factors are common during a natural disaster and may lead to the limited success of the business continuity plan. 

The success of a business depends on it acting swiftly and efficiently when confronted with an unanticipated crisis. Any failure to do so results in a financial and reputational loss, which takes up a long time to recover. It can be avoided if the organization quickly gathers itself during a disaster. A business continuity plan is then of paramount importance for a business of any size. At the same time, it is crucial to ensure that the BCP is not a one-time exercise. It needs to be continuously evaluated, tested, amended, and maintained so it doesn’t let you down when you need it the most. 

Did you enjoy reading this article? Comment below or let us know on  LinkedIn Opens a new window ,  Twitter Opens a new window , or  Facebook Opens a new window . We’d love to hear from you!

Share This Article:

Take me to Community

Recommended Reads

No More Business As Usual: Vulnerability Management Focused On Managing Risk

No More Business As Usual: Vulnerability Management Focused On Managing Risk

How Leaders Can Protect Supply Chains Against Cyber Risks

How Leaders Can Protect Supply Chains Against Cyber Risks

The Vulnerabilities of Traditional Patch Management

The Vulnerabilities of Traditional Patch Management

Fry the Phish this Valentine’s Day: How to Thwart Online Scammers Using AI

Fry the Phish this Valentine’s Day: How to Thwart Online Scammers Using AI

Looking for a Bug Bounty Program: 13 Signs of a Successful One

Looking for a Bug Bounty Program: 13 Signs of a Successful One

Hackers Set Their Sights on the C-Suite

Hackers Set Their Sights on the C-Suite

Book cover

Sustainable Cities and Communities pp 33–44 Cite as

Business Continuity Planning

  • Markus Will 6 &
  • Jana Brauweiler 6  
  • Reference work entry
  • First Online: 01 January 2020

160 Accesses

2 Citations

Part of the Encyclopedia of the UN Sustainable Development Goals book series (ENUNSDG)

Adverse conditions ; Business continuity and resiliency planning (BCRP) ; Business continuity management (BCM) ; Crisis management ; Disaster ; Disaster recovery planning ; Disruption ; Emergency ; Hazards ; Incidents

Definitions

Business continuity planning supports an organization to continuing its operations after an incident or under adverse conditions, such as a natural disaster, disease pandemics, terrorist attacks, serious accidents, external hacker or other IT attacks, disruption of supply chains, and/or other abrupt and unexpected changes in business environment. Hence, business continuity is the organizational capability to continue delivery of products and services even under the aforementioned adverse conditions within an acceptable time frame. Business continuity planning means to identify critical core processes of the organization, to analyze business impacts, and to find backup processes and response strategies in the event of disruption. For this reason, business...

This is a preview of subscription content, log in via an institution .

Buying options

  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
  • Available as EPUB and PDF
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Barnes P (2007) Business impact analysis. In: Hiles A (ed) The definitive handbook of business continuity management, 3rd edn. Wiley, Chichester, pp 145–161

Google Scholar  

Barnes P (2011) Business impact analysis. In: Hiles A (ed) The definitive handbook of business continuity management, vol 3. Wiley, Chichester, pp S 166–S 182

Bauman S, Rössig v (2018) Business Continuity Management – unverzichtbares Element eines angemessenen Risikomanagements. In: Hunziker S, Meissner JO (eds) Ganzheitliches Chancen- und Risikomanagement. Interdisziplinäre und praxisnahe Konzepte. Springer Gabler, Wiesbaden. Springer Fachmedien Wiesbaden GmbH 2018

Business Continuity Institute BCI (2002) Good practice guidelines. Business Continuity Institute, Caversham

Business Continuity Institute BCI (2010) Good practice guidelines 2010. Business Continuity Institute, Caversham

Business Continuity Institute BCI (2013) Good practice guidelines 2013. Business Continuity Institute, Caversham

Cabinet Office – Government of Japan (2012) Business continuity guidelines —strategies and responses for surviving critical incidents, 3rd edn

Cornish M (2011) Business continuity management methodology. In: Hiles A (ed) The definitive handbook of business continuity management, vol 3. Wiley, Chichester, pp S 121–S 136

DoHS (2013) Supplemental tool: executing a critical infrastructure risk management approach. Department of Homeland Security National Critical Infrastructure Priorizitation Program (NCIPP)

Hiles A (2007) The Definitive handbook of business continuity management, 2nd edn. Chichester, West Sussex, United Kingdom: Wiley

HSE (2001) Reducing risks, protecting people, HSE’s decision-making process. HSE Information Services, Norwich

HSE (2019) Risk management_ ALARP at a glance. http://www.hse.gov.uk/risk/theory/alarpglance.htm (2019-07-28)

IEC (2019) IEC/ISO risk management – risk assessment techniques. International Standardization Organization, International Electrotechnical Commission

ISO (2018) ISO 22300 – Security and resilience – vocabulary. International Standardization Organization

ISO (2019a) ISO/DIS 22301 – Security and resilience – Business continuity management systems – Requirements. International Standardization Organization

ISO (2019b) ISO/DIS 22313 – Security and resilience –Business continuity management systems – Guidance. International Standardization Organization

Kirvan PF (2011) International standards and legislation in business continuity. In: Hiles A (ed.) The definitive handbook of business continuity management, 3rd Wiley, Chichester, pg. 736–745

Lagadec P (1982) Major technological risk. Pergamon, Oxford

Mahr WH (2009) BCM-Standards: ja, aber welche? IT-Security 1(9):36–38

ONR (2014) Risk Management for Organizations and Systems — part 3: guidelines for emergency. In: Crisis and business continuity management — implementation of ISO 31000

Perrow C (1984) Normal accidents: living with high-risk technologies. Princeton University Press

Reason J (1990) Human error. Cambridge University Press, Cambridge

Book   Google Scholar  

Thiel C, Thiel C (2010) Business Continuity Management für KMU DuD – Datenschutz und Datensicherheit:6/2010

Von Rössing R (2005) Betriebliches Kontinuitätsmanagement. mitp-Verlag, Bonn

Download references

Author information

Authors and affiliations.

University of Applied Sciences, Zittau/Görlitz, Germany

Markus Will & Jana Brauweiler

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Markus Will .

Editor information

Editors and affiliations.

European School of Sustainability Science and Research, Hamburg University of Applied Sciences, Hamburg, Germany

Walter Leal Filho

Center for Neuroscience and Cell Biology, Institute for Interdisciplinary Research, University of Coimbra, Coimbra, Portugal

Anabela Marisa Azul

Faculty of Engineering and Architecture, Passo Fundo University, Passo Fundo, Brazil

Luciana Brandli

Istinye University, Istanbul, Turkey

Pinar Gökçin Özuyar

University of Chester, Chester, UK

Section Editor information

OsloMet -Oslo Metropolitan University, Oslo, Norway

Astrid Skjerven

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this entry

Cite this entry.

Will, M., Brauweiler, J. (2020). Business Continuity Planning. In: Leal Filho, W., Marisa Azul, A., Brandli, L., Gökçin Özuyar, P., Wall, T. (eds) Sustainable Cities and Communities. Encyclopedia of the UN Sustainable Development Goals. Springer, Cham. https://doi.org/10.1007/978-3-319-95717-3_2

Download citation

DOI : https://doi.org/10.1007/978-3-319-95717-3_2

Published : 25 April 2020

Publisher Name : Springer, Cham

Print ISBN : 978-3-319-95716-6

Online ISBN : 978-3-319-95717-3

eBook Packages : Earth and Environmental Science Reference Module Physical and Materials Science Reference Module Earth and Environmental Sciences

Share this entry

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

  • Publish with us

Policies and ethics

  • Find a journal
  • Track your research

loading

How it works

For Business

Join Mind Tools

Article • 9 min read

Eight Steps to Effective Business Continuity Management

Eight steps to help organiaztions confront and survive potential disasters.

By the Mind Tools Content Team

'Fail to plan, and plan to fail' so the saying goes. Nowhere is this more true for organizations than when planning their response to the unforeseen or the unthinkable. Where organizations in the past concerned themselves with Disaster Recovery, today the focus has shifted to a more holistic approach, which is as much about prevention as it is about cure. This discipline is now called Business Continuity Management (BCM).

a business continuity plan helps organizations to operate at what level

Here we examine the eight steps of Business Continuity Management, which can help organizations to confront and survive potential disasters. [1]

1. Secure Top Level Commitment

Board or executive level responsibility for BCM is vital to its success. This signals to everyone in the organization that BCM is an important process, and one which everyone needs to back. Without this support, implementing and activating the Business Continuity Plan (BCP) will prove very difficult.

2. Start the Management Process

Having secured top-level commitment for the BCM process, the next stage is to establish the right team to take ongoing responsibility for BCM. It can be useful at this stage to agree the following:

  • any regulatory, statutory and contractual obligations that need to be met
  • what specialist help will be necessary (if any)
  • which employees will make up a Crisis Management Team

It is also a good idea to have at least a rough BCP in place as soon as possible, just in case disaster strikes during the planning stage.

3. Identify Threats and Risks

The pace of modern business is such that a disruption of only a few hours can have a disastrous effect on an organization’s profitability and reputation. And it is not just full-blown disasters that cost organizations money – even seemingly minor incidents can prove costly.

So when putting together a BCM policy, it is important for an organization to analyze the threats and risks it faces. The types of risks and their likelihood will depend partly on the size and type of the organization and its location.

A helpful way for organizations to establish where particular risks or threats lie is to categorize them and then plot them as shown below. [2]

TECHNICAL/ECONOMIC

PEOPLE/SOCIAL

Although all different kinds of organizations can be adversely affected by a disaster, some are at particular risk because of the nature of their business, or because of certain regulations imposed on them. In the UK, for example, these organizations include:

  • Companies regulated by the Financial Services Authority – which requires such companies to continue to operate and meet regulatory requirements during any unforeseen interruption.
  • Publicly listed companies – which need to implement the findings of the Turnbull Report on internal risk management. [3]
  • Local Government and NHS Trusts – the Civil Contingencies Act requires them to develop a proper structure to handle emergency planning within their area. [4] [5]

4. Manage the Risks as Part of Risk Management

There are two aspects to every risk to an organization:

  • the likelihood of it happening
  • the effect it will have on the organization if it does happen

Having adequate insurance is important, of course, but this should not be the only method of addressing risk. Indeed, many organizations have discovered too late that uninsured costs such as loss of work to competitors, or damage to reputation, can far exceed insured losses.

Risk awareness should, therefore, be integrated into overall management procedures, so that it is given sufficient priority against other business requirements.

The ABC Method

The Department of Trade and Industry recommends what it calls the ABC Method for identifying physical risks to an organization. [6] This divides the organization’s environment into A for Area , B for Buildings and C for Content .

Take an organization’s premises, for example. The greatest risk may come from the area surrounding the premises. It may be close to a floodplain, or there could be a chemical plant nearby.

When managing risk, it is also important to consider what could happen within the building itself. Could it be vulnerable to fire, or sabotage? If occupancy is shared with another organization, what threats could their working practices pose?

Finally, what contents could be problematical? Remember threats can include theft, sabotage, pollution, or equipment failure. It is advisable to draw up a complete inventory of all contents and assets on the premises and to consider how vulnerable they are to these risks.

Once the risks have been detailed, a probability graph can be drawn up by charting severity of risk against likely frequency. This helps establish the risk any particular incident would pose to the organization, and whether the BCP should be activated, as shown below.

5. Conduct a Business Impact Analysis

As part of the BCP process, it is recommended that organizations carry out a Business Impact Analysis (BIA). The BIA aims to analyze what the critical assets and processes of the business are and the financial impact that the loss or destruction of some or all of these would have on the organization.

When carrying out a BIA, it is important to think in terms of functions.

  • Primary functions – these are the business-critical functions, e.g. revenue generation. They may also include supporting secondary functions, without which the primary functions cannot happen.
  • Secondary functions – these are functions, which, while important, are not essential for immediate recovery.
  • Tertiary functions – these are tasks which are valuable to the organization’s day-to-day functioning, but which can be suspended for several days if necessary without any lasting effect on the business.

6. Develop Strategies

If disaster strikes, it is important for organizations to have a clear idea of what their recovery strategy is going to be. This should include plans for:

  • communicating with stakeholders, from staff to customers, suppliers to regulators
  • off-site recovery needs, e.g. off-site storage for backed-up data, and/or data mirroring of the entire organizational IT network at a second live data center, second-line telecoms.
  • which business units and functions should prepare their own recovery plans, and who should do this
  • strategies for handling media interest
  • location of an Emergency Control Center – typically this would be in a secure area, with good communications, workstations for the Crisis Team, 24-hour access and parking, toilet and refreshment facilities

Ideal timescales for recovery of key business functions should be included in any plans, together with possible alternative operating strategies.

At this stage of the BCM process, a variety of strategies and responses should be outlined, relative to whether a crisis would be classed as minor, intermediate or major. In the event of a crisis, this can help avoid under-reaction or over-reaction to the incident.

7. Developing and Implementing the Plan

Continuity plans will differ depending on the type of organization, but a thorough, effective plan should include the following features:

  • it should be endorsed by the highest levels of the business
  • it should be based on a full risk assessment and aimed at achievable recovery
  • it should drive individual departmental recovery plans
  • it should make clear who should do what and include deputies for key roles
  • it should be easy to use and understand in a crisis situation – checklists are handy and jargon should be avoided
  • it should give clear, direct instructions for handling the crucial first hour of the incident and what can be dealt with later
  • copies of the plan should be stored offsite in case they can’t be accessed in a crisis situation
  • responsibility and frequency for keeping all details of the plan up to date (e.g. staff changes) should be agreed
  • it should plan for worst-case scenarios
  • it should include information on key external contacts, e.g. local authority emergency planning department, emergency services, utility services, neighboring businesses, suppliers and customers and insurance companies

8. Test and Maintain the Plan

Once an organization is happy with its BCM process, it is important to test and maintain the BCP. It should be seen as a living document that has to be adapted and updated as the organization changes, in order to keep it relevant.

There are various options for rehearsing a BCP:

  • Paper-based tests, where the plan is read through by a group, who question each action, e.g. ‘is it the right thing to do?’ ‘is it in the right order?’. It is then helpful to ask questions that relate to how a disaster situation might unfold, e.g. ‘what if the electricity supply failed?’. Any important scenarios that have been overlooked can then be fed back into the plan.
  • Telephone cascading is a way of testing the communications structure of the plan. It involves sending out a test message without warning to everyone at the top of the telephone lists in the BCP. Each person, in turn, contacts someone below them on the list (hence the term ‘cascading’), with the length of time taken for the whole process monitored.
  • A full rehearsal is the best way to find out whether a plan works as a whole, although it can be time-consuming and expensive to carry out.

All results, thoughts and feedback from any tests should be fed back into the plan.

Some organizations choose to use an external auditor to assess their plan. This can bring added objectivity, and can also highlight details that may have been overlooked.

Organizations have three options for confronting risk. They can do nothing, rely on insurance, or invest time and resources in BCM. For organizations that want to protect their assets, their people and their business, then BCM is the wisest choice.

[1] Based on the DTI's Management Notes (1999). Business Continuity Management – Preventing Chaos in a Crisis [online]. Department of Trade and Industry. Available here . [Accessed 14 August 2023.]

[2][6] Power, P. (1999). Business Continuity Management: Preventing Chaos in Crisis [online]. Department of Trade and Industry. Available here . [Accessed 14 August 2023.]

[3] ICAEW (2005). Internal Control: Guidance for Directors on the Combined Code [online]. Available here . [Accessed 14 August 2023.]

[4] Civil Contingencies Act (2004). Available here . [Accessed 14 August 2023.]

[5] Continuity Central. Available here . [Accessed 14 August 2023.]

Join Mind Tools and get access to exclusive content.

This resource is only available to Mind Tools members.

Already a member? Please Login here

a business continuity plan helps organizations to operate at what level

Enhance your in-demand workplace skills

Top skills - leadership, management, communication and more - are available to develop using the 3,000+ resources available from Mind Tools.

Join Mind Tools today!

Sign-up to our newsletter

Subscribing to the Mind Tools newsletter will keep you up-to-date with our latest updates and newest resources.

Subscribe now

Business Skills

Personal Development

Leadership and Management

Most Popular

Newest Releases

Article azazlu3

Locke's Goal-Setting Theory

Article aq7esry

The Speed of Trust: The One Thing That Changes Everything

Mind Tools Store

About Mind Tools Content

Discover something new today

How to do a personal swot analysis.

Spotting career opportunities and threats

How to Deal With Unfair Criticism

Handling harsh or personal criticism calmly and professionally

How Emotionally Intelligent Are You?

Boosting Your People Skills

Self-Assessment

What's Your Leadership Style?

Learn About the Strengths and Weaknesses of the Way You Like to Lead

Recommended for you

Beyond measure: the big impact of small changes.

Margaret Heffernan

Expert Interviews

Business Operations and Process Management

Strategy Tools

Customer Service

Business Ethics and Values

Handling Information and Data

Project Management

Knowledge Management

Self-Development and Goal Setting

Time Management

Presentation Skills

Learning Skills

Career Skills

Communication Skills

Negotiation, Persuasion and Influence

Working With Others

Difficult Conversations

Creativity Tools

Self-Management

Work-Life Balance

Stress Management and Wellbeing

Coaching and Mentoring

Change Management

Team Management

Managing Conflict

Delegation and Empowerment

Performance Management

Leadership Skills

Developing Your Team

Talent Management

Problem Solving

Decision Making

Why Every Organization Needs a Business Continuity Plan

Why Every Organization Needs a Business Continuity Plan

As spring arrives, businesses are once again facing the potential and sometimes disastrous impact of adverse weather conditions and natural disasters like high winds, flooding, wildfires, mudslides, and tornadoes. In recent decades, these events are occurring with higher frequency and severity. In addition to natural disasters, organizations need to prepare for non-weather-related disasters including fires, burst pipes, and long-term power loss.

Preparing a business continuity program (BCP)

What happens in your organization if an accident makes a worksite potentially hazardous? Employers have a responsibility to ensure that the work environment is safe and that employees are aware of potential hazards during recovery. For example, what happens if employees return to a worksite after flooding, but now there are mold hazards? Employees need to be aware of these hazards, provided with instruction/training on those hazards, personal protective equipment (PPE) supplied, if required, and administrative/engineering controls put in place to protect employees.

In other words, organizations need a business continuity program (BCP).

There are many resources available, but I highly recommend taking a look at Standard 1600 on Disaster/Emergency Management and Business Continuity Programs developed by the National Fire Protection Association (NFPA) to help the communities cope with disasters and emergencies. This standard not only establishes a common set of criteria for disaster management, emergency management, and business continuity programs, it also provides the requirements for each organization to assess their current plans. Additionally, it promotes a shared understanding of the fundamentals of planning and decision-making to help organizations examine all possible hazards and prepare accordingly.

As you develop your BCP remember to ensure it is compliant with any industry and state applicable regulations. It should also be consistent with your organization's mission, management policy, and finances. As risks change, effective BCPs will have comprehensive plans that incorporate measures to continuously evaluate and update.

What to include in your BCP

A complete BCP contains multiple components and incorporates short and long-term mitigation strategies detailing who is responsible for specific tasks or courses of action.

Your organization’s BCP should encompass the following:

  • The means to identify the people who can implement the plan.
  • A strategic plan that defines the vision, mission, goals, and objectives of the program as it relates to the policy of the entity.
  • A mitigation plan that establishes interim and long-term actions to eliminate hazards that impact the entity or to reduce the impact of those hazards that cannot be eliminated.
  • A recovery plan developed using strategies based on short-term and long-term priorities, processes, vital resources, and acceptable time frames for the restoration of services, facilities, programs, and infrastructure.
  • A continuity plan that identifies the critical and time-sensitive applications, vital records, processes, and functions that shall be maintained.
  • A program for training and education of team members and senior management.

Plus remember, review your BCP regularly to ensure you are meeting any changing needs and exposures. I also recommend conducting periodic reviews, testing, and evaluating post-incident reports help to improve the program.

Don’t forget your emergency action plan (EAP)

We’ve blogged before about the importance and role of the EAP. For today’s purpose, it suffices to say that your company’s BCP should either include or refer to your EAP regarding what steps to take during an incident – such as evacuation routes, meeting places, and identification and activation of teams who will coordinate responses. For example, in the event of a hazardous material release, is there air monitoring equipment available to ensure the safety of the responders? What special personal protective equipment is available and where it is located?

According to FEMA, following a disaster, 90% of smaller companies fail within a year unless they can resume operations within five days. Planning is therefore essential, and yet only 20% of larger companies spend over ten days per month on their business continuity plans (BCP). This disparity and lack of preparation need our attention.

With courses such as Emergency and Disaster Preparedness , Emergency Response in the Workplace , NFPA 1600 Business Continuity Programs , NFPA Disaster/Emergency Management , and Disaster Site Workers , Skillsoft offers the training your organization needs to ensure you are ready for any eventuality.

Here’s a brief clip on responding to natural disasters from our Emergency and Disaster Preparedness course.

Read our white paper for advice on how best to integrate compliance with business strategy.

a business continuity plan helps organizations to operate at what level

Donna McEntee is the Workplace Safety and Health Solution Manager at Skillsoft.

Subscribe to the Skillsoft Blog

We will email when we make a new post in your interest area.

Select which topics to subscribe to:

Thanks for signing up!

The importance of reskilling and upskilling today's workforce.

a business continuity plan helps organizations to operate at what level

Sustainability at Work: The Importance of Intersectional Frameworks and Collaboration in ESG Initiatives

a business continuity plan helps organizations to operate at what level

Sustainability at Work: Christopher Wellise on the Intersection of Business and Sustainability

a business continuity plan helps organizations to operate at what level

Subscribe to Blog

You seem to really like our blog!

The Diligent team Image

The importance of having a business continuity plan

Business person stopping dominos from falling, signifying the importance of a business continuity plan.

When the world is chugging along as normal and business operations only have the usual risks to monitor, it can be easy to put aside business continuity planning. But, as we've all discovered in recent weeks, anything can happen at any time, and businesses must be ready to pivot operations quickly, efficiently and safely as and when needed. The quick global spread of COVID-19, colloquially known as coronavirus, has thrown the world into disarray. The markets are in a nosedive, governments are shutting down entire countries and most organizations are having to quickly embrace remote working to keep the lights on and keep clients serviced. Those who do not have the capability to support workers at home ' and that are not essential services such as healthcare or sanitation ' are currently going through a trial by fire, with operations stymied and revenue under threat. Businesses are rushing to set up work-from-home arrangements, or take out subscriptions for online meetings and cloud collaboration technology. Priorities are shifting dramatically as we enter uncharted territory. This lack of preparedness could well see many businesses going under ' but if those organizations had created a robust business continuity plan ahead of time, they would know exactly how to handle such a crisis and weather the storm.

What is a business continuity plan and why do you need one?

A business continuity plan, or BCP, refers to the process a company will take to prevent and recover from potential threats to the organization. It ensures personnel and assets are protected and able to function in the event of a disaster, and is generally part of overall risk management ' that is, best practice dictates that you consider your business continuity plan ahead of time, not when a crisis hits. Your business continuity plan considers what those risks may look like ' both physical threats such as fire or flood, and those threats that are harder to pin down, such as hacks and pandemics ' and then determines:

  • How those risks will impact operations
  • How you'll implement safeguards, procedures and policies to mitigate the risks
  • How you'll test procedures to ensure that they work
  • How you'll review the process to keep it up-to-date

It includes a summary of the most critical business processes and functions ' those aspects that, if they failed, your business would be unable to operate ' as well as internal and external communication strategies, clear instructions for accessing and restoring offsite recovery data, any potential temporary offices or locations, and a change log that summarizes any updates to the plan for version-control purposes. Without a business continuity plan, you risk your company and its people . Not only could the business fail, but you could also suffer financial loss, a tarnished reputation and lost productivity. A physical disaster could also impact your employees, potentially causing injury or death.

Ensure continued — and secure — access to systems

With COVID-19 playing havoc with how companies go about their day-to-day activities, the priority for organizations should be on building business resilience. This means being flexible enough to go with the flow while maintaining operations at as normal a level as possible, all while ensuring your employees can access the systems and processes they need to do their jobs. It also means keeping a close eye on matters of cybersecurity. Those companies that maintain on-premises systems have suddenly found themselves in a pickle, as workers are unable to come into the office with cities on lockdown. The question of how teams will access platforms is an essential part of business continuity planning, and something that smart risk managers had covered long before the pandemic hit. They had thought about how teams would access platforms, assessed what bandwidth they had available for that level of remote access, and had considered whether they needed a temporary increase in network capacity or licenses. The security question, though, doesn't just extend to moving to cloud-based operations; hackers and cyber threats will use any crisis to their advantage. Keep an eye out for phishing scams, DDoS attacks and malware being introduced by employees keen to learn the latest developments in the crisis and not closely examining the links they click on. Security postures should include a review of systems you have in place to stop phishing campaigns and other inbound threat vectors before they hit employees' inboxes, writes Jason Albuquerque for InformationWeek .

Creating a business continuity plan

While every organization's business continuity plan will be different, there are some common steps that companies should follow to develop a solid continuity plan. They include:

  • Undertaking a business impact analysis to identify functions and related resources that are time-sensitive
  • Identifying and implementing steps to recover critical business functions
  • Creating a continuity team that will be tasked with devising a plan to manage the disruption
  • Training and testing the continuity team, and ensuring they regularly go over the plan and strategies to mitigate risk and ensure they are kept up-to-date

By considering these things in advance, organizations can help to ensure business continuity when things get tough, protecting the business, its reputation, its people and its customers.

The importance of technology to business continuity for legal operations

Of course, the march toward cloud-based technology to run essential business systems and processes makes business continuity planning a little easier. Once upon a time, you had to be in the office and on the network to access things like entity management software; today, there is a plethora of cloud-based options for all aspects of legal operations, compliance, governance and risk management work. Best-in-class providers of these systems are supporting their clients through the current COVID-19/coronavirus crisis, helping them to make sense of the craziness by providing online support, guidance and tech triage. More than just a software provider, these organizations become an essential partner in times of crisis. Diligent is one such company, acting as a partner to more than half of the Fortune 1000. Through its cloud-based legal technology platforms, Diligent enables proactive governance to help mitigate the risks of modern business. We believe every business should have the necessary business continuity planning and management strategies, plans and procedures in place, fully tested at regular intervals, to drive the assurance that when disaster strikes, they'll be ready. The cost and impact of not being prepared is usually far greater than that of being proactive. Diligent works to enable business continuity planning by ensuring ongoing access to essential documents, contracts and entity data through:

  • Diligent Entities , which helps organizations to centralize, manage and effectively structure their corporate record to improve entity governance and improve decision-making
  • Diligent Boards , which empowers boards and executives with the tools, insights and analytics to securely access board materials, track company performance and gather real-time information
  • Diligent Assurance , which helps organizations to confidently create, manage and report on the obligations relevant to their business, and always be audit-ready.

Get in touch and request a demo to see how Diligent's suite of cloud-based governance and compliance software can help drive your business continuity planning and ensure your organization can continue to operate, no matter what gets thrown your way.

Solutions Solutions

  • Board Management
  • Enterprise Risk Management
  • Audit Management
  • Market Intelligence

Resources Resources

  • Research & Reports

Company Company

Your data matters.

  • Manage your subscription
  • Manage payment method
  • Renew your subscription

Turn recurring billing on or off

  • When subscription expires
  • Cancel Microsoft 365
  • Share Microsoft 365 Family
  • Stop sharing Microsoft 365 Family
  • You received an invitation to share
  • Switch between Microsoft 365 subscriptions
  • Switch to a business subscription
  • Transfer to a different Microsoft account
  • About accounts
  • Sign in to Microsoft 365
  • Why you need to sign in
  • Forgot account or password
  • Get started at Microsoft 365.com
  • Meet the Microsoft 365 app launcher
  • Check version
  • Microsoft 365 for home or business
  • What business product do I have?
  • Difference between Microsoft 365 and Office 2021
  • Difference between home and business plans
  • Difference between Microsoft 365 and free web apps
  • Can't install or manage Office or Microsoft 365
  • Parental permission when signing in to Office or Microsoft 365

a business continuity plan helps organizations to operate at what level

Manage your Microsoft 365 subscription or Office product

For most Microsoft 365 subscriptions and versions of Office (2013 and later), you need to associate an account with your product. This is the account you use to sign in to Microsoft365.com and what you use to install or reinstall the apps, or to manage your subscription. Depending on your product, this account can be a personal Microsoft account (such as Hotmail.com, Outlook.com, Live.com), or a work or school account assigned by someone in your organization.

Note:  Some products purchased through an employee  Microsoft Workplace Discount Program  (formerly known as Home Use Program) benefit or volume license versions (managed by an organization's IT department) might not require an account. The information below doesn't apply to these Office versions or Microsoft 365 subscriptions.

Sign in to the dashboard for your account

Open a desktop app like Word or Excel, or go to Microsoft365.com .

Tip:  You might be prompted to sign in. Make sure to sign in with the account associated with Microsoft 365 or Office. If you can’t remember which email address you associated with your subscription or Office product, see I can't remember the Microsoft account I use with Microsoft 365 .

From the header, select your Account manager .

Depending on your account type, select  My Microsoft account or  View  account .

Your account dashboard is displayed and what you can do next depends on if you're signed in with a Microsoft account , or a work or school account .

Select the tab below for the type of account you're signed in with.

If you selected My Microsoft account , the Microsoft account dashboard will open. This is where you manage your Microsoft account and any Microsoft products associated with this account.

On the Microsoft account dashboard, select  Services & subscriptions to view all Microsoft products associated with this account. 

For non-subscription versions of Office (such as Office 2013 and later): Find your Office product and select Install . Follow the prompts to install or reinstall the desktop apps.

For Microsoft 365 Family or Personal subscriptions: Select Install premium Microsoft 365 apps and follow the prompts to install or reinstall the desktop apps.

On the Microsoft 365 subscription tab, select Manage . From here you can:

Renew your subscription with a prepaid code or card

Cancel a subscription

For Microsoft 365 Family subscriptions, you can start sharing your subscription, and add or remove people you're already sharing with. If you're not the subscription owner, you can see who's sharing Microsoft 365 with you, or choose to leave the subscription.

If you selected View account , the  My Account dashboard for your work or school account will open. Here you can:

Install and manage your apps. On the Office apps card, select Manage , and select Install to install or reinstall the latest desktop apps, or other apps such as Project or Visio. (An install option is available as long as your admin assigned you a license and gave you permission to self-install.)

Manage your devices.

View your subscriptions, and any other licenses assigned to you.

Note:  For Microsoft 365 admins only     If you're the Microsoft 365 admin in your organization, you control what you want your users to have access to. Go to the Microsoft 365 Admin help center for more information about setting up users.

Facebook

Need more help?

Want more options.

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

a business continuity plan helps organizations to operate at what level

Microsoft 365 subscription benefits

a business continuity plan helps organizations to operate at what level

Microsoft 365 training

a business continuity plan helps organizations to operate at what level

Microsoft security

a business continuity plan helps organizations to operate at what level

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

a business continuity plan helps organizations to operate at what level

Ask the Microsoft Community

a business continuity plan helps organizations to operate at what level

Microsoft Tech Community

a business continuity plan helps organizations to operate at what level

Windows Insiders

Microsoft 365 Insiders

Find solutions to common problems or get help from a support agent.

a business continuity plan helps organizations to operate at what level

Online support

Was this information helpful?

Thank you for your feedback.

IMAGES

  1. Building a Business Continuity Plan (BCP)

    a business continuity plan helps organizations to operate at what level

  2. How to create an effective business continuity plan?

    a business continuity plan helps organizations to operate at what level

  3. What Is A Business Continuity Plan?

    a business continuity plan helps organizations to operate at what level

  4. 7 Stages of a Business Continuity Plan

    a business continuity plan helps organizations to operate at what level

  5. How to Write a Business Continuity Plan?

    a business continuity plan helps organizations to operate at what level

  6. The importance of Business Continuity Planning

    a business continuity plan helps organizations to operate at what level

VIDEO

  1. BUSINESS CONTINUITY PLAN

  2. Business Continuity Plan Part IV

  3. Business Continuity Planning BCP

  4. Business Continuity Planning

  5. Business Continuity Plans...Explained!

  6. Business Continuity Awareness: Why it's Important

COMMENTS

  1. What Is a Business Continuity Plan (BCP), and How Does It Work?

    A business continuity plan (BCP) is a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and are able to...

  2. What is business continuity and why is it important?

    Business continuity planning establishes risk management processes and procedures that aim to prevent interruptions to mission-critical services and reestablish full day-to-day function to the organization as quickly and smoothly as possible.

  3. Business Continuity Plan: Example & How to Write

    Step 3: Establish the business continuity plan objectives. Step 4: Evaluate the potential impact of disruptions to the business and its workers. Step 5: List actions to protect the business. Step 6: Organize contact lists. Step 7: Maintain, review, and continuously update the business continuity plan.

  4. What is a Business Continuity Plan (BCP)?

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue operating during an unplanned event. The BCP states the essential functions of the business, identifies which systems and processes must be sustained, and details how to maintain them.

  5. Business Continuity Planning

    Business Continuity Training Part 3: Planning Process Step 1 The first of six steps addressed in this Business Continuity Training, which detail the process of building a business continuity plan. This step addresses how organizations should "prepare" to create a business continuity plan. View on YouTube

  6. Working Toward a Managed, Mature Business Continuity Plan

    Business continuity is defined as having the right tools in place to make sure that an organization can continue to function during an interruption of one or more of its critical mission functions. Consider the example of an earthquake that causes massive damage to the majority of an organization's infrastructure.

  7. Understanding the Essentials of a Business Continuity Plan

    A business continuity plan (BCP) is an essential blueprint that outlines how a company will continue operating during an unplanned disruption in service. It's more than just a reactive strategy; it's a proactive measure to ensure that critical business functions can continue during and after a crisis.

  8. How to craft an effective business continuity plan

    Get the word out. Iterate and improve. 1. Analyze your company. In this phase you conduct an analysis to identify critical activities, determine which activities must continue, which can be temporarily paused, and which can operate at a reduced capacity. You then assess the financial impact of disruptions.

  9. Business continuity plan (BCP) in 8 steps, with templates

    Step 1: Establish an emergency preparedness team. Assign a team the responsibility for emergency preparedness. Select a few managers or an existing committee to take charge of the project. It's advisable to assign one person to lead the planning process.

  10. How to create an effective business continuity plan

    A business continuity plan (BCP) is a strategic playbook created to help an organization maintain or quickly resume business functions in the face of disruption, whether that disruption is caused ...

  11. What Is a Business Continuity Plan?

    A business continuity plan (BCP) is a document that sets guidelines for how an organization will continue its operations in the event of a disruption, whether it's a fire, flood, other natural disaster or a cybersecurity incident. A BCP aims to help organizations resume operations without significant downtime.

  12. Business continuity planning

    Business continuity may be defined as "the capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident", [1] and business continuity planning [2] [3] (or business continuity and resiliency planning) is the process of creating systems of prevention and recovery to...

  13. What Is Business Continuity?

    Business continuity is an organization's ability to maintain or quickly resume acceptable levels of product or service delivery following a short-term event that disrupts normal operations. Examples of disruptions range from natural disasters to power outages. Watch video (1:14) Business continuity

  14. Business Continuity Planning: Ensuring the Resilience of Your Organization

    Business Continuity Planning: Ensuring the Resilience of Your Organization Let's explore the intricacies of business continuity planning, from understanding its importance to implementing a robust strategy that safeguards your enterprise. Published by Orgvue November 20, 2023

  15. 5 Step Guide to Business Continuity Planning (BCP) in 2021

    A business continuity plan (BCP) is defined as a protocol of preventing and recovering from potentially large threats to the company's business continuity. This article explains what a business continuity plan is today, its key benefits, and a step-by-step guide to creating a formidable plan. Table of Contents

  16. What is business continuity? Business continuity planning

    Business continuity is the advanced planning and preparation required to ensure that an organization can maintain essential operations in the event of a disaster, emergency, or other unexpected event that causes significant disruption.

  17. ISO 22301:2019(en), Security and resilience ? Business continuity

    0.1 General. This document specifies the structure and requirements for implementing and maintaining a business continuity management system (BCMS) that develops business continuity appropriate to the amount and type of impact that the organization may or may not accept following a disruption.

  18. Business Continuity Planning

    Definitions. Business continuity planning supports an organization to continuing its operations after an incident or under adverse conditions, such as a natural disaster, disease pandemics, terrorist attacks, serious accidents, external hacker or other IT attacks, disruption of supply chains, and/or other abrupt and unexpected changes in ...

  19. Eight Steps to Effective Business Continuity Management

    This discipline is now called Business Continuity Management (BCM). Here we examine the eight steps of Business Continuity Management, which can help organizations to confront and survive potential disasters. [1] 1. Secure Top Level Commitment. Board or executive level responsibility for BCM is vital to its success.

  20. 11 Critical Aspects Of An Effective Business Continuity Strategy

    1. Testing And Validation Many companies fail to test their plans. A plan may look good on paper, but it must be validated and tested to make sure it will work.

  21. Why Every Organization Needs a Business Continuity Plan

    Your organization's BCP should encompass the following: The means to identify the people who can implement the plan. A strategic plan that defines the vision, mission, goals, and objectives of the program as it relates to the policy of the entity. A mitigation plan that establishes interim and long-term actions to eliminate hazards that ...

  22. PDF 7 Steps to Create a Business Continuity Plan

    Step 2: Perform a Detailed Risk Assessment. Next, you should perform a risk assessment on your firm. At a high level, this process includes identifying and prioritizing potential business risks and disruptions based on severity and likelihood of occurrence. Through this process, your firm will need to understand the risks to the operation as ...

  23. The importance of having a business continuity plan

    A business continuity plan, or BCP, refers to the process a company will take to prevent and recover from potential threats to the organization. It ensures personnel and assets are protected and able to function in the event of a disaster, and is generally part of overall risk management ' that is, best practice dictates that you consider your ...

  24. Manage your Microsoft 365 subscription or Office product

    If you selected My Microsoft account, the Microsoft account dashboard will open.This is where you manage your Microsoft account and any Microsoft products associated with this account. On the Microsoft account dashboard, select Services & subscriptions to view all Microsoft products associated with this account. For non-subscription versions of Office (such as Office 2013 and later):