My latest book "Business Continuity Management for Small and Medium Enterprises" has just hit the streets. Inspired by the Cabinet Office and published by BSI it aims to simplify the essential components of business continuity planning and crisis response.
Business continuity management was initially developed by and
for large organisations. I was an early pioneer more than 20 years ago when I
developed plans and methodologies for coordinating the response to multiple
forms of disaster across the old and gas evacuation processes in Shell
operating companies. This work inspired the content of the business continuity chapter of the original BS7799 standard.
Very little has changed over the last 20 years, except for
the unfortunate fact that it has become increasingly abstract, bureaucratic and
complex. Small companies also need
business continuity plans but they don't
have professional advisers, crisis committees and expensive fallback
arrangements. They need simple tips and
practical examples of how to achieve 80% of the benefits at 20% of the effort.
Like many things in information security, business continuity
is a simple concept that is best implemented using simple techniques. It's
often best to go back to basics and design practical solutions from first principles,
rather than drawing on the jargon and knowledge base that accumulates over the
years. Small companies are an inspiration for helping us to see the wood rather
than the trees.
Subscribe to blog feed
At last a positive steer from the insurance community. It is possible to obtain premium reductions for both business interruption and, providing you can demonstrate a good governance system, material damage cover. Confirming to an insurer that you have a BC is plan in place will positively influence the quoted premium, demnonstrating a formal governance and oversight framework is also in place can result in really big wins.