Business Continuity
Business Continuity
Business Continuity planning means the creation of a company's reaction strategy to the events that may compromise business activity. This strategy has the aim of protecting company's employees and the assets and predisposes guidance for the quickest disaster recovery. It serves as an internal protective measure, that is important for any business.
SSC collaborates with client companies to implement systems to guarantee the continuity of activities, in the event of endogenous or exogenous factors that could interrupt or damage the company, both from an economic and a reputational viewpoint.
SSC collaborates with client companies to implement systems to guarantee the continuity of activities, in the event of endogenous or exogenous factors that could interrupt or damage the company, both from an economic and a reputational viewpoint.
Objectives
● Identification of critical issues with respect to Business Continuity
● Fulfillment of the requirements defined by the company guidelines
● Fulfillment of the requirements defined by the company guidelines
Objectives
● Fulfillment of the requirements defined by the company guidelines
● Identification of critical issues with respect to Business Continuity
● Identification of critical issues with respect to Business Continuity
Planning process:
1
Identification of critical processes
2
Interviews with the management of the business areas involved
3
Analysis of possible events interrupting continuity
4
Constant alignment with the company for feedback
5
Creation of a descriptive document: the Business Continuity Plan
Business Continuity strategy is prepared in advance with the participation of key stakeholders and is built in several macro steps.
Firstly, all the most critical business processes are mapped in order to analyse any events that may interrupt their flow. Risk events that are to be considered vary from natural disasters to crime, such as cyber attacks.
Firstly, all the most critical business processes are mapped in order to analyse any events that may interrupt their flow. Risk events that are to be considered vary from natural disasters to crime, such as cyber attacks.
Risk types
Financial
Reputational
Product Accessibility
Raising & attracting Talents
Risk types
Financial
Reputational
Product Accessibility
Raising & attracting talents
Further, the probability, potential duration and impact of these events are evaluated. Economic assessment includes: Identification of 4 severity levels (from negligible to disruption of more than 80% of EBIT); Identification of critical cyclicities; Qualitative evaluation of event probability.
As the next step, a risk monitoring model is implemented and operational and organizational solutions are defined. The goal is to maintain operational continuity in terms of prevention, emergency rescue and mitigation of the effects. The operational criteria of action/reaction strategies for each event are the following:
● Preventive actions
● Mitigating actions
● Resolutive actions
● Risk-transfer compensatory actions
Response strategies must be consistent with the assessment of the impacts on business continuity.
● Inclusion in the Business Continuity Plan for restoring the discontinued activities.
● Particular focus is on the critical issues with an impact on more than 5% of EBIT
● Creation of ad hoc teams for the implementation of response strategies
Components of the Business Continuity Action Plan:
● Location Vulnerability Assessment Emergency Procedure Suite (how to act)
● Business Recovery Profile (actions to undertake)
● Plan Invocation Procedure (team)
● Plan maintenance, monitoring and review
The plan is updated with the collaboration of all parties involved either on an annual basis or in the face of significant events such as risk manifestation, introduction of new products and/or processes; change of suppliers; change of seat; internal company reorganization etc.
As the next step, a risk monitoring model is implemented and operational and organizational solutions are defined. The goal is to maintain operational continuity in terms of prevention, emergency rescue and mitigation of the effects. The operational criteria of action/reaction strategies for each event are the following:
● Preventive actions
● Mitigating actions
● Resolutive actions
● Risk-transfer compensatory actions
Response strategies must be consistent with the assessment of the impacts on business continuity.
● Inclusion in the Business Continuity Plan for restoring the discontinued activities.
● Particular focus is on the critical issues with an impact on more than 5% of EBIT
● Creation of ad hoc teams for the implementation of response strategies
Components of the Business Continuity Action Plan:
● Location Vulnerability Assessment Emergency Procedure Suite (how to act)
● Business Recovery Profile (actions to undertake)
● Plan Invocation Procedure (team)
● Plan maintenance, monitoring and review
The plan is updated with the collaboration of all parties involved either on an annual basis or in the face of significant events such as risk manifestation, introduction of new products and/or processes; change of suppliers; change of seat; internal company reorganization etc.
Designating a team for emergency response:
● Risk Control Bodies (activate the emergency)
● Emergency Response Team (HR protection and security)
● Recovery Management Team (chooses reaction strategy)
● Crisis Management Team (responsible for communication with media, HR and stakeholders)
● Business Management Team (implement and monitor continuity strategies)
● Technical Management Team (IT Infrastructure)
● Risk Control Bodies (activate the emergency)
● Emergency Response Team (HR protection and security)
● Recovery Management Team (chooses reaction strategy)
● Crisis Management Team (responsible for communication with media, HR and stakeholders)
● Business Management Team (implement and monitor continuity strategies)
● Technical Management Team (IT Infrastructure)
Designating a team for emergency response:
● Risk Control Bodies (activate the emergency)
● Emergency Response Team (HR protection and security)
● Recovery Management Team (reaction strategy)
● Crisis Management Team (communication with media, HR and stakeholders)
● Business Management Team (continuity strategies)
● Technical Management Team (IT Infrastructure)
● Emergency Response Team (HR protection and security)
● Recovery Management Team (reaction strategy)
● Crisis Management Team (communication with media, HR and stakeholders)
● Business Management Team (continuity strategies)
● Technical Management Team (IT Infrastructure)
Results
• Identification of response strategies (mitigating and preventive)
• Creation of Emergency Response Team & Action Plan
• Creation of Emergency Response Team & Action Plan
Results
• Identification of response strategies (mitigating and preventive)
• Creation of Emergency Response Team & Action Plan
• Creation of Emergency Response Team & Action Plan
Discover other solutions that we offer
Discover other solutions that we offer