by Joaquim Pereira on March 22, 2013
It is common in our daily life and in our nature adopt strategies that allow us to prevent or even mitigate the result of common situations inherent in our daily lives.
In our house we adopt strategies for prevention, detection or response, for example through the installation of an alarm – which aims to deter, detect and guarantee a response by the authorities in case of attempted robbery – the installation of an armored door, a lock reinforced, or even the insurance cover for filling the same. These strategies allow even prevent or mitigate the impact of certain inherent threats, human or environmental, such as theft, fire, flood, natural disaster, such as tornadoes, floods, hurricanes, or other.
In our day life we adopt a number of other strategies to protect or ensure the continuity of our welfare or the welfare and stability of our family, for example through a subscription of a health insurance, that allows access to a health system in case of need; the subscription of a life insurance policy, that, in the event of less fortunate circumstances, pretend to guarantee conditions that ensure the future well-being of our loved ones; or even the simple gesture of having a pair of keys that usually are held by two different people to ensure the entry into home or even continue to use the same car in case one of the keys get lost.
Every day, we perform a set of actions that, in a more or less conscious way, fit into continuity strategies. Applying this analogy to the environment we live in, we find that we can also adapt it in businesses, organizations, banks, governments or central mechanisms European, however we know that strategies we have selected are not sometimes the most appropriate. Sometimes the response mechanisms of action or either do not work as we would like or do not respond as originally planned.
When we put an alarm in our house, we know that in an extreme situation it could not operate, authorities could not get a response in a timely manner, the telephone line by which it should communicate could fail, however it is always better to be a strategy and plan of action of any measure than does not having any measure at all. Understand that the reliability of the measures and strategies we adopt increases as the level of detail and the number of exercises and tests we perform, for instance to our alarm equipment or to the procedures to be followed in a given situation. Knowing what to do before a given scenario, who should do what, and what actions should be performed, are important steps that can prevent or mitigate the results. however we know that sometimes the only option we have is to try to minimize the impact, like insurances, emergency plans or plans for responding to crises.
For businesses, organizations, banks and governments this component of continuity is critical with regard to ensuring the continuity of its operations, in response to its clients, the well-being of citizens or, in the case of banks, the guarantee financial viability and protection of the savings of their customers. Whatever the area of operation, type of entity, inherent situation or emergent situation, the area of business continuity presents itself as a critical component and must be addressed and properly planned.
The strategies, plans, activities, mechanisms and response times, resource requirements, or even the quantification of how much we are or we can be willing to lose, are factors that will make a difference in the event of disruptive events.
Aware for such needs and to define strategies and models based on this type of response, ISO – global benchmark organization of international standards, provides an international standard that defines the most relevant points for the implementation of an integrated management and business continuity.
The ISO 22301 defines a management system for business continuity – management system that uses a set of processes, activities, plans and allowing outline the main guidelines for defining the best strategies for business continuity – and gives requirements for implementation and international certification of management systems business continuity in organizations. This standard applies to any organization, regardless of their area of operation and its size.
Alignment with ISO 22301 certification or even a system of an organization in this standard, enables organizations to ensure a high level of resilience – the ability to adapt to unexpected situations and react according to the best strategies – with regard to the best inherent response to possible disruptive events.
For an organization, or even a government entity, it is important to ensure the best results, in the shortest times possible, using the most appropriate mechanisms and resources, whether human, technical or procedural.
These are the scenarios where the best resources and their strategies make a difference.
Aware of this reality, PECB (Professional Evaluation and Certification Board), the certifying body of international people, launched a series of training programs and certification of professionals, who will be responsible for implementing, operating or even validate/audit this type of management systems and business continuity.
Aligned to these needs and the need to train with the best resources qualifications, Behaviour Group presents qualification programs in ISO 22301 Introduction, ISO 22301 Foundation, ISO 22301 Lead Implementer, ISO 22301 Lead Auditor.
These programs cover all stakeholders involved in program management business continuity, whether the awareness of those who will be the maximum responsible for this program (ISO 22301 Introduction), whether for those who will be involved in the management and operation of the program (ISO 22301 Foundation), whether for those who will be in charge or will be involved in project System implementation of Business Continuity Management (ISO 22301 Lead Implementer) and for those who will have a key role in the validation and analysis (audit) of this program with the same goals for improvement (ISO 22301 Lead Auditor).
Admittedly, a good strategy is not foolproof, however a good strategy and a strategy based on a recognized business continuity system, ISO 22301, is always greater guarantees of success in the case of an organization having to deal with disruptive events.
Maybe now you are questioning about what strategies you are using in your organization. Perhaps, after reading this article, you think you has already defined the best strategy. At first sight, the existence of a strategy is always a step forward, and one strategy is better than the absence of any strategy. However perhaps the answers you must search for are those that should answer the question: In your organization, in the case of a particular disruptive event, you knows to identify who should do what, how, when and in what order these activities should be conducted?
Remember that your strategy should be tested, evaluated and monitored, because a business continuity system has only success if it is marked by a good strategy, but a good strategy without competence is a mere good intention. A good strategy has to be competent and this is only possible if it is outlined, implemented, managed and audited by qualified professionals.