Beruflich Dokumente
Kultur Dokumente
by
Syazwani Izzatie binti Muhamad Yazid
Universiti Teknologi Mara (UiTM) Kampus Puncak Perdana, Selangor
Abstract
Many businesses are not completely prepared for emergency incidents and/or hazards that will
potentially jeopardize their operations. This is where business continuity planning does the
work by preparing strategic plans that provide for normal continuation of operations with real-
time backup of processes in an events of disasters. Therefore, the purpose of this paper is to
understand the concept of business continuity planning and focusing on developing business
continuity planning methodology.
INTRODUCTION
According to Praveen Sinha, John Vargo and Steven Jensen (2014), emergencies, crises, and/or
disasters (hereinafter collectively referred to as incidents) adversely affect immeasurable
numbers of human lives every year. The impact from such incidents often weighs heavily upon
households in terms of property damage and destruction; they also weigh heavily upon
organizations, most particularly small businesses. Pre-incident planning can help businesses to
continue their operations during an incident, recovering from an incident and to restore
operations. These pre-incident plans can also be referred as business continuity plan (BCP).
Business continuity plan (BCP) is the preparation and implementation of strategic plans
that provide for normal continuation of operations with real-time backup of processes and
procedures in an events of natural or human error disasters (Karim, 2011). The disruptive
events to business continuity that usually happened include flood, fire, major information
system failure, power blackout, political activities, economic events or water system problems.
1
disaster has occurred within the acceptable time frame to be able to resume the business
operation. A disaster is any sudden or unplanned calamitous event that can cause a significant
disruption in operational and/or computer processing capabilities for a period of time, which
affects the operations of the business (Martin, 2002).
Business continuity planning primary objective is to safeguard an organization when a
part or all part of its computer services or operations are rendered unusable (Heng G., 2015).
According to Shulmistra (2017), one of the most fundamental goals is to guide the company’s
disaster recovery teams. Identify disaster recovery personnel is one of the most important
objectives of BCP. Another crucial purpose of creating a BCP is identifying the various threats
to the operations and their impacts. The plan will provide the specific procedures that need to
be followed to assist in recovery because when personnel will most likely won’t remember
exactly what they’re supposed to do when disaster strikes so they can consult the documents to
follow the protocols as they have already listed. Identifying where critical data and other assets
are being kept is one of the most important IT BCP objectives.
The few assumptions that were common with BCP according to Heng G. (2015) are no
access to the building that was affected for the next seven days, disaster occurs at the most
unguarded time for each function, not more than one building will be affected all together by a
disaster, disaster or IT recovery plan is in place and tested and only recovered the critical
business function and postponed the less essential business functions.
2
Figure 1 BCM Planning Methodology
Project Management
According to H. Frank Cervone (2017), BCP is concerned with the resumption and recovery
of business activities across the organization. In most organizations, people who are
responsible for organization daily operations are asked to create detailed procedures and plans
that become part of the BCP to recover operations based on different scenarios, such as set up
a new data center after a flood or relocating the offices after an earthquake. The development
of these plan and procedures is prioritized based on the probability of a particular event
happening to an organization. The entire project management process involves the following
steps:
1. Establish the need for BCM planning.
2. Research the work in the areas of BCM.
3. Develop a BCM planning framework.
4. Define the scope, objectives, and assumptions.
3
5. Manage the BCM planning process.
6. Establish a BCM project planning committee and team.
7. Develop an action plan and schedule.
8. Establish a budget.
9. Obtain commitment and approval.
10. Manage deadlines and milestones.
11. Build and maintain teamwork.
4
Business Continuity Strategy
According to Robert Withcher (2006), business continuity strategy is an approach by
an organization that will ensure its recovery and continuity in the face of a disaster or other
business disruption or major incident. The purpose of a BCP is to enable an organization to
recover or maintain its activities in the event of a disruption to normal business operations.
Meanwhile, the development of the business continuity strategy is the process to determine and
select operating strategy to maintain or continue the critical business products and services or
functions during a disaster (Heng G., 2015).
Plan Development
This phase is to determine the procedures for notifying the right people, assessing the
operational impact as well as to develop specific steps for minimizing the risks of an outage,
and restoring normal operations after the outage. The result from this step is the Business
Continuity Plan or Disaster Recovery Plan. The Business Continuity plan will be based on all
the procedures and priorities agreed upon by the executive management so that the need to
refer or make decisions in a disaster will be kept to an absolute minimum (Heng G., 2015).
Program Management
The next challenge is to keep the BCM program effort alive once the BCM planning
project has completed. The program management provides the ability to establish and maintain
business continuity in a manner appropriate to the size and complexity of the organization
(BS25999, 2006; Fasolis, Vassalos, and Kokkinaki, 2013). This phase is where the policy of
5
the objectives of the business continuity management being developed by the organization is
stated. The key element of this phase is to gain commitment from the top management as well
as assigning the appropriate roles and responsibilities to the program team. Some of the
activities that have to be completed under the Program Management phase, and they ensure
that the:
1. BC Plan is consistent with the most current business operational setup.
2. BC Plan is available, accessible and distributed to the recovery team.
3. Maintain BC Plan to an acceptable standard, efficiency, and effectiveness.
4. Planning efforts enable the prompt and correct response of the staff in a
disaster.
5. BC Plan is consistent with international standards.
References
Allen, D., & Westerblad, H. (2004). Physiology. lactic acid--the latest performance
enhancing drug. Science (New York, N.Y.), 305(5687), 1112-1113.
Bethany, M. P. (2014). Business continuity planning: Identifying gaps, patterns and
justifications (Order No. 1526894). Available from ProQuest Dissertations & Theses
Global. (1618227782). Retrieved from
http://search.proquest.com.ezaccess.library.uitm.edu.my/docview/1618227782?accou
ntid=42518
Fasolis, E., Vassalos, V., & Kokkinaki, A. (2013). Collaborative, trusted and privacy- Aware
e/m-Services: 12th iFIP wG 6.11 conference on e-Business, e-Services, and e-
Society, i3E 2013, athens, greece, april 25-26, 2013. proceedings. In Designing and
developing a business continuity plan based on collective intelligence (pp. 278-285).
Berlin, Heidelberg: Springer Berlin Heidelberg: Springer. doi:10.1007/978-3-642-
37437-1_23
H. Frank Cervone, (2017) "Disaster recovery planning and business continuity for
informaticians", Digital Library Perspectives, Vol. 33 Issue: 2, pp.78-81,
https://doi.org/10.1108/DLP-02-2017-0007
Heng, G. (2015). Business continuity management planning methodology. International
Journal of Disaster Recovery and Business Continuity, 6, 9-16.
doi:10.14257/ijdrbc.2015.6.02
Shulmistra, D. (2017, January 19). 9 Critical Business Continuity Plan Objectives. Retrieved
from https://www.linkedin.com/pulse/9-critical-business-continuity-plan-objectives-
dale-shulmistra
Tammineedi, R. L. (2010). Business Continuity Management: A Standards-Based Approach.
Information Security Journal: A Global Perspective, 19(1), 36-50.
doi:10.1080/19393550903551843.
Whitcher, R. (2009, June). BS 25999 – a framework for resilience and success. Retrieved
May 25, 2018, from http://www.efectus.cl/upload_files/documentos/27102009085025-
141381139.pdf