Maintaining 'business as usual' during times of disruption

Published date:

Modified date:

Image of a girl runningExtreme weather – especially snow and flooding – causes widespread serious challenges in the UK, not only disrupting our day-to-day activities but also costing businesses and the UK economy billions of pounds.

In 2018, the 'beast from the east' weather system combined with Storm Emma to create some of the most testing weather ever experienced in the UK. Analysts estimated that the disruption cost the economy at least £1bn a day.[1]

Speaking at the time, Howard Archer, Chief Economic Adviser to the forecasting group EY ITEM Club, said the reduced footfall at shops, leisure facilities, theatres, cinemas and restaurants would lower economic activity and that delays to shipments of raw materials destined for manufacturing firms would also interrupt carefully constructed supply chains.

Extreme weather is just one potential disruption to business. Organizations must identify and assess the possible threats to their business and the impact each one might have, as well as the potential impact on reputation and brand. Only then can organizations effectively treat the risks.

What are the top business continuity threats?

In a world of increasing complexity and uncertainty, the risk of disruption has become one of the most fundamental risks that organizations face across virtually all sectors. New threats are emerging every year, some of which are difficult to identify and which can catch an organization unaware. However, the Business Continuity Institute's annual Supply Chain Resilience Reports can help by providing an excellent overview of the current business continuity threats and where future threats might lie.

In its 2018 survey[2] the following were found to be the top 10 business continuity threats:

  1. unplanned IT and telecom outages;
  2. adverse weather;
  3. cyber and data breaches
  4. loss of talent/skills;
  5. transport network disruption;
  6. new laws or regulations;
  7. outsourcer failure;
  8. health and safety incidents;
  9. currency exchange rate volatility; and
  10. fire.

Looking ahead to the next 5 years, the respondents were concerned about the potential increasing threats of terrorism and human illness.

Some organizations have adopted a business continuity management system (BCMS) to help them cope with disruptive incidents affecting their business-critical processes and activities.

What is a BCMS?

A BCMS provides a structure for organizations to update, control and implement effective plans, taking into account organizational contingencies and capabilities as well as business needs and objectives.

Successful implementation of a BCMS has multiple potential benefits, including improved organizational resilience and capability to remain effective during disruptions, reduced legal and financial exposure, and even creating a competitive advantage.

After all, if your organization can operate as 'business as usual' – or somewhere close to it – during times of disruption, this acts as reassurance for clients that want to depend on dependable suppliers.

What is BS EN ISO 22301:2019?

The international standard BS ENISO 22301:2019, Security and resilience — Business continuity management systems — Requirements, provides a best-practice framework for implementing a BCMS, helping to enable organizations to minimize disruption and continue operating in the event of an incident.

It replaces BS ISO 22301:2012, having been updated to make sure that it remains relevant to today's business environment.

The standard specifies the structure and requirements for implementing and maintaining a BCMS that develops business continuity appropriate to the amount and type of impact that the organization may or may not accept following a disruption.

The requirements specified in the standard are generic and intended to be applicable to all organizations, or parts thereof, regardless of the type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.

The standard is also intended to be used to assess an organization's ability to meet its own business continuity needs and obligations.

How long do you have to upgrade to BS EN ISO 22301:2019?

If your organization is currently certified to ISO 22301:2012, you will have 3 years to transition to ISO 22301:2019. After 30 October 2022, the certificate for ISO 22301:2012 will no longer be valid.

BSI will continue to audit against ISO 22301:2012 until 30 April 2021 to allow organizations sufficient time to update and align to ISO 22301:2019.

To get started, buy a copy of the latest standard and consider a BSI transition course to help you understand the changes and how they impact your current BCMS.

https://www.bsigroup.com/en-GB/iso-22301-business-continuity/revision/

Click here to provide feedback