The Three C’s of Business Continuity

By: Fran Howarth| - Leave a comment

Bigstock

According to the Business Continuity Institute, maintaining business continuity and managing disaster recovery requires organizations to focus on three C’s: contingency planning, continuity capability and crisis response. The payoff from excelling in these areas can be considerable: The Ponemon Institute suggests effectively managing business continuity can reduce the total cost of a data breach by 16.2 percent. Combined, the three C’s of continuity determine a business’s ability to effectively respond to and recover from crises.

1. Contingency Planning

Contingency planning addresses events that businesses can plan for, such as the likelihood of flooding in a certain area. Businesses can plan for these kinds of events by gauging their probability as indicated by past events and putting plans in place based on their likelihood and severity. However, contingency planning is not useful when it comes to recovering from unexpected events.

2. Continuity Capability

Events that are hard to predict require continuity capability, which minimizes the consequences of an unexpected event. Organizations must understand the consequences that an unexpected event could have on their operations. Continuity capability requires businesses to have a clear picture of how they’ll continue to function if vital resources become unavailable. These instances could include communications failure and absent staff due to illness or an inability to reach the workplace. It requires careful planning and preparedness, examining how operations could potentially be disrupted and preparing the necessary resources to prevent excessive downtime.

3. Crisis Response

How an organization responds to a crisis is key to its ability to resolve the situation and resume normal operations as soon as possible. Crisis response is essential for both risks that were entirely unknown and those that were overlooked.

To implement successful business continuity and disaster recovery, businesses must invest in each of the three C’s. The ability to execute on each of these areas is essential to ensuring that a business is prepared to tackle risks and handle the strategic, financial and operational consequences of any crisis.

Topics: , ,

Comments

About The Author

Fran Howarth

Freelance Writer

Fran Howarth is an industry analyst and writer specializing in cybersecurity. She has worked within the security technology sector for more than 25 years in an advisory capacity as an analyst, consultant and writer. Fran focuses on the business needs for security technologies, with a focus on emerging technology sectors. Current areas of focus include cloud security, data security, identity and access management, network and endpoint security, security intelligence and analytics and security governance and regulations. Fran can be reached at fhowarth@gmail.com.

Articles by Fran Howarth
See All Posts