Business continuity planning has become a critical component to companies with respect to risk management. Over the past few years, risk managers have changed how they view risk from looking at it from a silo perspective to an enterprise wide perspective. They have determined that a cohesive corporate risk management strategy is imperative in today’s world. Critical ingredients to this enterprise wide risk management system are being prepared, mitigating risks, recovering from risks, and being able to continue operating.
For business continuity planning, risk managers are essential to the process. This point is highlighted in an article by Pat Moore The Role of the Risk Manager in Continuity Planning. They create and contribute to the steering committee, help to determine the scope of the project, and make certain that the vital resources are provided to achieve the goals and objectives. Some of the benefits of business continuity planning recognized by risk managers are the organization’s ability to comply with contractual agreements concerning delivery of products or services, the institution of procedures to discover and explain for costs incurred during the recovery process, and the reduction of stockholders filing lawsuits against management for a lack of due diligence or duty of trust.
In today’s economy, companies’ risk management areas utilize the business impact analysis (BIA) process to identify the financial and operational impacts of risk exposures for the businesses and their suppliers. The BIA process helps to determine the cost of risks and also develop recovery strategies. Some additional impacts consider with the use of the BIA process are:
- Loss of critical employees
- Loss of important documents or records
- Global issues such as a change in political climate
- Interruption of importing/exporting operations
- Critical labor relationships
- Potential sources of revenue
- Regulatory controls
In addition to identifying the impacts of specific areas, the BIA process assists risk management and an organization’s executive management to make better-educated decisions on which business units are critical to the operations of the business, how long of a time lag is acceptable before the units are back in operation, what resources are needed to get the business going again, and the methods on addressing the company’s internal and external interdependencies. In the past contingency planning was performed by a contingency planner with a background in information systems. However recently companies are realizing that the planning needs to begin with the CEO or COO and then go through the CFO to the risk manager. The risk manager’s goal is to protect the assets and manage the risks of a company and today the risk manager is integrated this objective with the financial decisions and business continuity planning issues. More and more risk managers are becoming involved with strategic management and continuity of operations planning and therefore are influential to helping business continuity professionals improve the process while expanding the scope of contingency planning.
Subscribe to ERM Insights
The latest research, insights and opportunities from the NC State ERM Initiative to help
you and your organization lead with confidence.