Disaster management business-continuity

Disaster Management: How to Conduct Business Continuity Risk Management

Business Continuity Risk Management

Disaster management business-continuity

Business Continuity Planning is Essential

Understanding Risk

There are many very good reasons why business continuity (BC) hazard and risk assessment needs to be conducted regularly.  Some of the most important are:

  • To identify problems and potential problems
  • As an aid to decision making
  • To assist with resource allocation
  • To identify priority actions

All of these are key roles in BC management.

As with BC models there are many different Risk Management models.  This is only one:

Each of these stages is very important in the overall risk management process:

Define – identify all of the potential risks that might occur

Assess – Assess the risks and grade them in relation to their probability and severity of impact

Mitigate – identify any activity which could either avoid, reduce or eliminate the risk

Plan – produce a plan to prioritise mitigation processes

Evaluate – the plan and the processes to ensure that they are workable and have the desired effect.  Where necessary, return to the beginning of the cycle and repeat the process.

Stage 1 – Define the risks

To produce effective BC management risk assessment plans, risks must be defined and identified at all levels. The best people to identify risks are those who are working in the environments in which the risks occur. For example, the identification of risks which occur in hotels is best left to the hotel management. Risks which might impact on the nation as a whole are best identified by government bodies. Whoever assumes responsibility for identifying risks should consider all possible eventualities no matter how improbable.

Stage 2 – Assess the risks

Once all risks have been identified, decisions must be made:

How probable is it that the risk will occur

If the risk does occur how severe is the impact likely to be

Stage 3 – Mitigate the risks

During this process all of the identified risks must be examined to determine how best to deal with them. There are four options which will be discussed fully in a later Chapter.

Stage 4 – Plan

When the first three stages have been completed, a comprehensive risk assessment plan should be written and communicated to all persons who are required to take action in respect of it.

Stage 5 – Evaluate

It is very important that all stages of the risk assessment process are evaluated to ensure that all necessary action has been taken. The evaluation process should be conducted regularly, especially if there has been any change in circumstances. The process should be conducted before, during and after any BC situation.

BC Impact Analysis

The process of identifying:

  • The likelihood of an identified risk occurring
  • The impact on the organisation if it does

This information is then normally presented in a table.  The table on the right is only an example.  Your organisation may require a different format.

All Identified risks should also be recorded in a Risk Register.  These can be either manual or electronic but should be accessible to anyone in the BC management team for easy amendment as necessary.

Risk Registers:

Are necessary to retain control of the risk assessment process

Should be maintained at all levels

At strategic (national) level will be a register of organisations as well as the risks at National level

Risk registers should contain at least:

  • A risk reference
  • Risk category
  • Risk sub-category
  • Description of the risk
  • Likelihood rating
  • Impact rating
  • Risk rating
  • Person or department responsible for monitoring the risk

Once risks have been identified they must be evaluated and mitigation activities identified.  It is then necessary to conduct a Cost/Benefit Analysis which is the process of:

  • Identifying the cost of implementing mitigation strategies
  • Identifying the benefits to be gained from the mitigation strategies
  • Identifying whether the potential cost of implementation outweighs the benefits to be gained
  • Deciding whether to implement the strategies

The process must be realistic and should be guided by your ‘What is important’ analysis

Disaster management requires thorough planning if it is to be successful.  The planning can mean the difference between people living and dying.  Between businesses being able to recover from a disaster or going under.  This book will help, in a simple but effective way, any business continuity practitioner to prepare for a disaster which might affect their organisation.

Please follow, like and share us:
About The Author

Ian Watts

61 years old. Lived in several countries around the world and visited many more. Two grandchildren I adore. I've been a professional investigator and a trainer. Love going on cruises. Semi-professional photographer.

FB blog comments

Leave a Reply

Be the First to Comment!