Business Continuity: why it's important to do things in the right order
If the pandemic has taught us anything, in addition to disrupting our personal and professional lives, it’s the importance for companies to be able to continue their activities in exceptional situations. Some companies have been more agile in adapting to ensure that their employees can continue to work. For others, it has been more of a challenge. Was the pandemic an opportunity for your company to review, improve or even develop its Business Continuity Plan (BCP)? As you can imagine, business continuity is not only put to the test in case of natural disasters such as a fire or a flood, but also by global events such as the one we have been experiencing for over a year.
At ESI Technologies, we have acquired a great deal of expertise in the field of business continuity over the years, enabling us to develop best practices to help our clients implement their BCP.
The field of business continuity is a combination of two complementary components: the Business Continuity Plan and the IT Service Recovery Plan (ISRP). The first addresses governance, the second the technical aspect.
"You need a governance framework to set recovery time objectives (RTO) as well as your tolerance for data loss, i.e. the recovery point objectives (RPO)."
The BCP will be the first to be called upon in the event of a major crisis affecting the normal operation of your company. For example, a fire breaks out at your headquarters and the main IT room is affected. Who decides to launch the BCP? How do you get in touch with your customers and partners? Who will take over the IT services and how?
The recovery of IT services should be handled by the ISRP. Such a plan must be governed by the BCP and developed not only with all the IT players but also with the stakeholders of your various business units. It is within the ISRP that you will find the list of activities and the sequence of their execution that will allow you to restore your company’s IT services and essential applications.
One last important note: once in place, the BCP and ISRP must be maintained over time. They must be aligned with your change management, otherwise there is a risk of a disconnect between your plans and the operational reality of your business.
If your company does not have a BCP or has one but does not have an ISRP in place, ESI can assist you in all stages of their development. Whether your recovery is based on on-premises assets or in the cloud, we can advise and assist you in enhancing your current infrastructure to increase your agility with a BCP and ISRP. Contact one of our specialists to discuss this further.
Senior Consultant – Architecture & Technologies