Our site uses cookies to make it work and to help us give you the best possible user experience. By using our site, you agree to our use of cookies. To find out more about cookies and how you can disable them, please read our Cookies statement
You can manage your cookie settings by turning cookies on and off.
Click on the different cookie  headings to find out more about the types of cookies we use on this site and to change your settings. Please be aware that if you choose to turn off  cookies, certain areas of our site may not work and your browsing experience may be impacted.

For further information on how we use cookies, please see our cookies statement.

Strictly Necessary Cookies

These cookies are essential for the technical operation of and proper functioning of our site  and enable you to register and login, to easily move around our site, and to access secure areas. Without these cookies our site won't function properly.  

These cookies are required

Marketing Cookies

These cookies allow us to advertise our products to you and allow us to pass this information on to our trusted third parties so that they can advertise our products to you on our behalf. All information these cookies collect is aggregated and therefore anonymous. No personal information is shared to third parties. Any personal information collected while using our website could be used for direct marketing from Dimension Data only.

Performance Cookies

Performance cookies allow us to collect aggregated and anonymous data on how our site is used, such as the number of visitors to our site, how you navigate around and the time spent on our site and also to identify any errors in functionality. These cookies also help us to improve the way our site works by ensuring that you can find what you’re looking for easily, to better understand what you are interested in and to measure the effectiveness of the content of our site. 

Johannesburg, 16 May 2019

Top tips for a business continuity/disaster recovery plan that works

When a crisis breaks, employees and other stakeholders must know for certain what actions need to be undertaken, and who is responsible for them, says Karen Humphris, senior manager: Advisory at ContinuitySA.

According to research conducted by the Business Continuity Institute in 2019, 71% of organisations activated their response plans at least once over the past year.

"This finding is consistent with the previous year's survey, and indicates just how important it is to have a response plan that works well," says Karen Humphris, Senior Manager: Advisory, ContinuitySA, Africa's leading provider of business resilience services.

Based on ContinuitySA's three decades of experience, she offers the following tips to ensure an organisation's business continuity and/or disaster recovery plan performs as desired when the chips are down:

* Establish clear roles and responsibilities. When a crisis breaks, employees and other stakeholders need to know for certain what actions need to be undertaken, and who is responsible for them. This should include clearly identifying who has the authority to declare a disaster and invoke the appropriate plan.

* Think resilience. Plans must not only provide sufficient guidance, but must be flexible enough to address any event. A good idea is to structure the plan around dependencies, and to provide enough detail to allow for it to adapt to different scenarios. A common mistake is for plans to be too inwardly focused. It is also very important that plans are practical and user-friendly: role-players must be able to navigate efficiently through an event.

* Don't focus on IT alone. IT is critical, of course, but the BCP must look at the big picture, and cater for all dependencies. These would include key staff, specialised equipment, IT system/application requirements, key third-party service providers and site requirements.

* Make provision for emergency response and crisis management, including crisis communication. The first response is vital, especially from the point of view of ensuring the safety of employees and others. As the crisis unfolds, well-crafted and accurately disseminated communications are vital not only in keeping staff informed (and thus maintaining morale), but also in ensuring that the outside world gets the right messages. Poor crisis communication can irretrievably damage brand reputation.

* Refresh role-players' awareness and understanding of the BCP and DRP continually. Don't assume that role-players know what they have to do, or will remember over time. The plans need to be kept alive for them.

* Consider a mobile app. An app can ensure that plans are activated and executed timeously; they also enable the constant exchange of information between role-players, thus increasing the chances of success.

* Take out cyber insurance. While IT should not be the focus of BCPs, its importance as the platform for modern business means it is a key vulnerability. Over the past two years, the Business Continuity Institute's Horizon scans indicate that cyber security has become the number one threat to organisations. Cyber insurance does not only cover liabilities, it can also provide access to specialised skills like lawyers, forensic investigators and crisis communication specialists.

* Engage a specialist business continuity provider to undertake gap analysis. This will reveal the organisation's current state of readiness and also any shortcomings in the existing BCP and DRP. A maturity assessment should also be performed periodically to ensure the plans are constantly enhanced.

* Test, test, test. Your BCP and DRP might look good on paper, but it needs to be tested regularly. This is the only way you can be sure they work and that everybody knows what they have to do.

By Karen Humphris for ContinuitySA