Business Continuity Management (BCM) is an integral control within a company’s operational risk framework, one that requires meticulous planning and seamless execution. The impact that BCM has on a firm cannot be understated, as failure to manage the program properly can have damaging financial, reputational, regulatory/legal, and customer implications. Yet according to a recent business continuity study, 27.2% of companies surveyed do not have a business continuity plan in place and are not currently developing one.
A firm’s BCM program must be capable of evolving to address not only traditional outages, but also modern threats occurring with greater frequency, such as cybersecurity breaches and interruptions to services and/or technology provided by critical vendors. It is imperative to have a robust BCM program in place, one that can mitigate today’s threats with ease and precision — with the agility to address the unknown threats of tomorrow.
This article provides financial services firms with insights into both the assessment and execution of a BCM program. In the assessment areas, Personnel Assessment and Plan Assessment are recommended to be used together before an incident to deliver senior management full insight into the maturity and health of a firm’s BCM program. Additionally, the execution of a program leading up to and during an incident, can provide valuable lift to an organization while others may falter against real-world challenges and pressures.
Additional contributor:Brian Karp