Looking for a way to ‘measure’ your business continuity efforts?
In tough times, you may need to make the best case possible to continue to secure funding for your business continuity programme. Senior management often value impartial measurements of the maturity of your programme to understand what the funding has achieved so far. But how do you measure business continuity with any great accuracy?
ContinuitySA claim their business continuity maturity model offers an objective way to gauge your programme.
The model has twelve critical success factors:
- Executive support. Is there a business case and is it backed up with budget, policies and leadership commitment?
- Resources and expertise. Are they sufficient?
- Core enterprise threat assessment. What are the threats and single points of failure—and how are they managed and mitigated?
- Extended enterprise threat assessment. The same assessment made of the supply chain.
- Continuity strategies. What are the possible strategies for each of the resource dependencies, and which ones should be selected?
- Incident management framework. This should consist of strategic, tactical and operational activities with an appropriate infrastructure.
- Incident (emergency) response. Are the procedures, infrastructure and teams in place to protect your most valuable asset, your people?
- Reputation management. Are the procedures, infrastructure and teams in place to protect your next most valuable asset?
- Business continuity plans. Do they include an initial response, recovery plans and, ultimately, resumption of normal operations?
- Recovery infrastructure. Is it adequate, and is its own risk profile adequately managed?
- Testing. This is one of the most vital steps and one that companies struggle with the most.
- Assurance reviews and audits. These processes are necessary ultimately to drive a culture of continuous assessment.
Subscribe - weekly news and a free course!