'We don’t have the budget. We don’t have the time. It won’t happen to us.'
These are only a few of organisations’ famous last words about business continuity planning. Companies of all sizes make excuses for neglecting business continuity planning.
SMBs might consider it something large enterprises do, while large organisations often assume insurance coverage will mitigate the effects of a disaster. Many business leaders believe there’s no true ROI for a business continuity programme unless the business experiences a major disaster. If the organisation hasn’t yet experienced one, management don’t consider creating a business continuity plan an urgent project. Our new research reveals that this reasoning could be, well, disastrous.
The costly impact of disasters
We examined disasters which caused significant issues for UK businesses over the last year, as our contribution to the Business Continuity Institute’s Business Continuity Awareness Week (BCAW) 2016.
The research covered a range of disasters, from cataclysmic extratropical storms to seemingly mundane man-made incidents like burst pipes (which, incidentally, are anything but mundane – a burst pipe at the Royal Berkshire Hospital caused flooding and power loss, resulting in the A&E closing to all but critical patients). What we discovered is that disasters are increasing in frequency and have the potential to cost billions of pounds in damage. Flooding is an especially costly and prevalent issue. Accountancy firm KPMG reported that after the winter 2015-16 flooding alone, damages will cost the UK’s insurance sector, businesses, individuals, communities and government an estimated £5-5.8bn.
Businesses with a solid business continuity programme in place can avoid some of these costs, but 49 per cent of businesses don’t have a comprehensive business continuity plan. Part of the reason for this troubling statistic is likely the aforementioned excuse of 'It won’t happen to us'. However, our research reveals a different story. Even if a business is unscathed by the likes of storms Abigail, Desmond and Katie, its commuting employees could be impacted by the closure of a major bridge such as the 19 day closure of the Forth Road Bridge. Or a major supplier could shut down at a crucial time, as did a factory supplying 25 per cent of the UK’s toffee apples in September 2015 – a mere month before Halloween.
Without a proper plan in place, your business risks negative consequences such as lost inventory, reduced productivity due to employees being unable to work remotely, property damage and the all-important revenue loss.
The everyday revenue potential of business continuity
Having a business continuity programme can help you protect your revenue after a man-made or natural disaster, but you don’t have to experience a disaster to yield ROI. The reason is business continuity forces you to take a closer look at the inner workings of your business. During the business impact analysis (BIA) process, which is the foundation of a solid business continuity plan, you’ll evaluate critical business processes, employee roles and technology. You’ll then decide which of these are essential to continuing business operations. At the same time, you’re likely to discover new opportunities for cost savings or even revenue generation.
For example, you might find that your business has more applications than it needs, as did nearly 48 per cent of CIOs in a Capgemini report. In this scenario, you could either discontinue use of nonessential applications or consolidate applications with a trusted vendor.
Of course, streamlining vendor relationships is only one example of how business continuity helps decrease expenditures, reduce risk and improve employee productivity. Odds are you’ll uncover other opportunities unique to your business.
After you’ve decided to implement or expand your business continuity programme, what’s next? First, evaluate what resources you’ll need to keep your business processes moving forward. Many organisations decide to protect data through a disaster recovery as a service (DRaaS) solution. However, it’s important to avoid a 'set it and forget it' approach to business continuity. To avoid wasting money on a product that doesn’t function as needed in the aftermath of a disaster, work with your DRaaS provider to test the solution and have a plan for coping with power outages and other consequences of a disaster.
For a true business continuity solution, you must also ensure your employees are able to continue working. If your data is protected but your employees don’t have a way to access it, that’s not an effective business continuity plan. Employees need network access, guidelines for personal device use, a telephony solution, Internet access, and an alternate workspace.
A third-party consultant can provide objective recommendations for your business’s plan. At the same time, they can help you identify opportunities for improving day-to-day operations by improving archaic workflows, eliminating unnecessary touchpoints in approval processes and more.
Whether your organisation is an SMB or large enterprise, neglecting business continuity planning means you’re missing out on multiple opportunities for ROI – regardless of if you ever experience a disaster. Can you afford that?
Matt Kingswood - Head of Managed Services, IT Specialists (ITS)
Image Credit: Shutterstock/Tom Wang