1. Business Continuity is not just a matter of keeping your software up and running
As a company keeping your application, services, or products alive for your clients is the most important service you provide. That follow through, on availability and capacity, is not just expected by your clients, it can quickly end your company if you fail.
With that in mind, Business Continuity is not just planning for the big events your company might face, it’s also to plan for the less visible changes your company can go through. From changes of leadership, to natural disasters, to regulation changes, planning to ensure your business does not have a disruption in services is vitally important. More often than not your new clients will be evaluating your plans to ensure your strategy helps enhance their operations rather than creates additional risk vectors.
2. Use the Cloud
While having all your data neatly tucked away with internal systems, hosting server banks at your company is starting to become more and more outdated as cloud computing becomes the standard. Having your data backed up to the cloud is a best practice in these situations, but there are often cheaper and easier ways to accomplish this. First, using cloud based applications can help eliminate your need to host similar applications in-house, which will relieve stress on your computing power, while at the same time helping to establish a data distribution that should build additional resiliency into your systems and processes. Additionally, utilizing a cloud-based application to store, manage, and distribute your business continuity plan is a best practice to help avoid losing your hard work from the unforeseen and helps to create visibility into your processes.
3. Ensure your plan is resilient enough to deal with the unknown
Having a plan and executing a plan are two different beasts. Creating the plan can be hard and time consuming, it is difficult to figure out different possible events and how they might affect your business but planning for the known is not just a nice to do, it’s a requirement. Regardless of how good your planning was, if you fail to address how to implement your plans, or don’t have clearly delineated lines of who will implement these plans, then you are in no better a situation than those who failed to plan. Ensuring your organization knows where your business continuity plan lives, and who is responsible for delineating that information or enacting the plan is highly important. Also, consider a fall back plan, should the members of your company tasked with executing the plan be unavailable, who will come in to save the day? Do they have access to the essential systems and contact information needed to get rolling on saving your company? Utilizing a single source of truth, a system known to hold these types of plans, is one of the best things your company can do to ensure your business continuity plan is utilized and followed.
StrunkAccess is a best in class GRC system built with these issues in mind. Not only do we support Risk Frameworks and Assessments, StrunkAccess can help you build a book of policies, controls, and procedures to address your company’s most pressing issues, including Business Continuity.