My latest book "Business Continuity Management for Small and Medium Enterprises" has just hit the streets. Inspired by the Cabinet Office and published by BSI it aims to simplify the essential components of business continuity planning and crisis response.
Business continuity management was initially developed by and for large organisations. I was an early pioneer more than 20 years ago when I developed plans and methodologies for coordinating the response to multiple forms of disaster across the old and gas evacuation processes in Shell operating companies. This work inspired the content of the business continuity chapter of the original BS7799 standard.
Very little has changed over the last 20 years, except for the unfortunate fact that it has become increasingly abstract, bureaucratic and complex. Small companies also need business continuity plans but they don't have professional advisers, crisis committees and expensive fallback arrangements. They need simple tips and practical examples of how to achieve 80% of the benefits at 20% of the effort.
Like many things in information security, business continuity is a simple concept that is best implemented using simple techniques. It's often best to go back to basics and design practical solutions from first principles, rather than drawing on the jargon and knowledge base that accumulates over the years. Small companies are an inspiration for helping us to see the wood rather than the trees.