Why won’t you find details on the best examples of business continuity programmes in the world?
Because they are, by their very nature, confidential.
This conversation on Linked In started us thinking about why it’s so hard to get insider knowledge on how big business protects its organisation. Those entities that require the best business continuity and resilience measures are, usually by definition, those that cannot share these practices with the public due to their sensitive nature. If you’re a potential target for malicious activity, it makes no sense to share any of the counter measure or contingency arrangements you’ve put in place.
The whole conversation (to the point we published this article) went like this – I’ve removed names though you can find them on the original conversation:
Respondent 1: Good morning XXX, there are many to choose from across the span of industrial, not-for-profit, government, commercial and military sectors. I am familiar with several large financial and insurance institutions based here in the U.S. who have gone beyond the regulatory reuqirements and leverage Business Continuity as a competitive advantage. Without their permission, I cannot mention them publically — I will send you a comment privately.
Respondent 2: I would say SunGard. They have a 100 percent recovery track record with their clients.
Respondent 3: There are many companies out there who can provide “managed service provisions both for IT recovery and Work area recovery”, however, from an operating company perspective it still has to track back to your operating model, financial and operational risks, and what you are willing to pay for – everything is possible with a cost.
Respondent 4: IPsoft, Automation is the Clue
Respondent 5: I’d say that’s an impossible question to answer here since those companies that require and implement the best continuity plans are arguably those most likely to need to shroud much of their planning in confidentiality. You might get some examples here, but you may never know about the very best.
Respondent 6: I think XXXX is correct. The companies previous respondants have suggested are “service providers”, not companies with best-in-class BCM programs. It is unlikely that such companies will volunteer themselves. But…you might look at recent conferences (DRJ, Continuity Insights, etc.) to see which companies (not service providers) are represented among the presenters. While not foolproof, those lists may be an indicator of companies with mature, if not ‘model’, BCM programs.
Respondent 7: I think it may also be fair to say that some companies’ owe their exemplary BCM success to the passion of the practitioners they employ. In working with customers to develop case studies or to support entries into the BC Awards, I have been priviledged to work with many whose passion, drive, knowledge and enthusiasm has made all the difference – and who have similar impact wherever they do. I can’t name names without their permission, but cross referencing published cases with BC Awards’ successes should provide a clue.
So where does this leave the continuity planner that – very sensibly – wants to learn from others?
It leaves us to network. Yep, it’s not a dirty word! We’re not talking about making small talk with people at conferences, or attending industry awards to nod politely to other tables. We’re talking about reaching out with a phone call to a counterpart at a company that might be able to help you; joining a group - free informal ones such as BANG or professional ones such as the BCI) to meet other people. Because you’re more likely to get insider information from people you know that you are from the internet or casual acquaintances.
We’ve written about this before, of course, in an article called Making Friends In Business Continuity…
And making contact need not be scary – after all, you’d probably speak to someone who contacted you, right?
Subscribe - weekly news and a free course!