Business continuity still not receiving the necessary support

(07/08/2007)

A survey carried out by SunGard Availability Services reveals that almost half of UK businesses are struggling to embed business continuity management (BCM) into their organisation’s culture.

Whilst 56 per cent of respondents believe that their BCM policy is generally “good”, 44 per cent recognised that they were failing to entrench it into the fabric of their organisation. Not one of the 86 cross-sector organisations that responded to the online poll posted by SunGard Availability Services was found to be currently fully compliant with BS 25999, the new British Standard for BCM which is set to launch in September 2007.

This suggests that business continuity (BC) planning in the UK is still not receiving the necessary input and support that it requires at the highest level of the organisation. It also indicates that employees are currently not aware of the details of their organisation’s BC plans and what is expected of them following a business disruption.

The main shortcomings amongst respondents were poor testing procedures and failure to establish BC management within the culture of the organisation:
o 44 per cent of respondents admitted that failure to entrench BCM into the organisation’s culture was a major weakness
o 41 per cent of respondents felt that their BC plans are compromised by inadequate testing and review processes

Whilst the survey highlighted weaknesses in certain aspects of BCM that need to be addressed by organisations looking to gain BS 25999 certification, the overall picture did offer some encouragement:
o 56 per cent of respondents believed their BC policy to be generally good
o 23 per cent of directors and senior managers now take an interest in BCM.

Commenting on the results of the survey, Julian Thrussell, product manager BS 25999, BSi Management Systems, said: “Clearly there remains a significant amount of work to be done but the fact that these businesses are thinking about the new Standard now is a positive sign. Organisations need to recognise the value of BS 25999 certification in terms of delivering competitive advantage and demonstrating resilience and responsible governance.”

In its capacity as a representative member of Intellect, the trade association for the UK h-tech industry, SunGard Availability Services (UK) Limited was invited to join the BSI committee panel which prepared the BS25999 Standard for Business Continuity Management. As such, SunGard has played a role in the development of the new British Standard.

Ron Miller, managing consultant at SunGard Availability Services and member of the BS 25999 technical committee on behalf of Intellect, said: “This survey reinforces two of the principal tenets of BS 25999. Firstly, business continuity management cannot and must not be the sole preserve of the IT department. Instead it needs to permeate through the whole business and be woven into the fabric of the organisation, with input and leadership from the highest level. Secondly, business continuity management is a continual process, and therefore regular and comprehensive testing is essential to keep BC processes up to date and relevant as the organisation evolves.”

Related topics:  Security management and policies 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources