During the crisis that emerged from the COVID-19 pandemic, businesses were faced with the ultimate challenge to ensure a smooth continuation of operations. Managing businesses is not just about exceeding yearly targets anymore, but to mitigate risks from all fronts, such as disruptions in IT systems, natural disasters, contagious diseases and more.

Businesses cannot afford to witness such events as these could bring operations to a halt and impact the customer experience. It is imperative that a robust Business Continuity Plan (BCP) is in place to avoid disruptions.

A BCP is a document that outlines how a business will continue to operate if an unexpected disruption were to occur, ensuring that critical activities are not interrupted and impacts are mitigated to the bare minimum.  It is comprehensive as it includes contingency plans for the affected areas of the business such as processes, personnel, assets as well as third parties.

The Disaster Recovery Plan (DRP) is a vital tool of the BCP which contains the necessary programme to restore network, servers and physical hardware. Furthermore, manual interventions should be included so that operations are maintained in order to meet deadlines until systems are up and running.

Factors contributing to an effective DRP include continuity such as having back-up servers available when the primary server becomes unavailable or scheduled maintenance and establishing a recovery site if the main building becomes inaccessible. Nowadays, the need for a recovery site is becoming obsolete as most businesses are allowing employees to work remotely from home, which in turn serves as a resilience test.

The lifecycle of a BCP is initiated by what is called a Business Impact Analysis (BIA), an exercise which enables users to identify critical processes and resources that support them. Next, in conjunction with the IT department, recovery plans are determined via a gap analysis by comparing recovery requirements with current capabilities.

The plan is then laid out by having documented business and IT procedures and assembling teams with a responsible business continuity officer for each unit. It is of utmost importance that the BCP is not in place for just having it, but for testing and improving the framework. In fact, the BCP should be reviewed and tested regularly.

It is imperative that a robust Business Continuity Plan (BCP) is in place to avoid disruptions- Matthias Cardona

A popular test is the ‘Call Tree’, where during out-of-office hours employees are notified of any emergencies. This is normally initiated by the business continuity officer via an agreement by sending a message to several staff members who then relay the message until it reaches everyone.

Why is having a BCP essential?

Throughout the pandemic, when operations were put under stress and eventually impacted, the BCP had to be triggered. In this respect, regulators urged licence holders to have the necessary measures and precautions to counter any disruptions that may arise. Ironically, due to the pandemic, awareness has been raised to an unprecedented level.

The reactive approach to manage risks is undoubtedly not the ideal way if businesses strive to become successful. The importance of preparedness and risk thinking must be embedded throughout an organisation so that anticipated threats are controlled, and their impact is reduced.

An effective BCP ascertains that a company is robust enough to counter the loss of operations that lead to financial losses. Ultimately, having adequate and effective controls provides comfort to investors by ensuring that a company is resilient enough to manage critical situations.

Matthias Cardona is a risk analyst at BOV Asset Management Ltd.

The writer and the company have obtained the information contained in this document from sources they believe to be reliable, but they have not independently verified the information contained herein and, therefore, its accuracy cannot be guaranteed. The writer and the company make no guarantees, representations or warranties and accept no responsibility or liability as to the accuracy or completeness of the information contained in this document.

They have no obligation to update, modify or amend this article or to otherwise notify a reader thereof if any matter stated therein, or any opinion, projection, forecast or estimate set for the herein changes or subsequently becomes inaccurate.

BOV Asset Management Limited is licensed to conduct investment services in Malta by the Malta Financial Services Authority. 

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.