Get Instant Access
to This Blueprint

Infrastructure Operations icon

Develop a Business Continuity Plan

Streamline the traditional approach to make BCP development manageable and repeatable.

  • Recent crises have increased executive awareness and internal pressure to create a business continuity plan (BCP).
  • Industry and government-driven regulations require evidence of sound business continuity practices.
  • Customers demand their vendors provide evidence of a workable BCP prior to signing a contract.
  • IT leaders, because of their cross-functional view and experience with incident management and DR, are often asked to lead BCP efforts.

Our Advice

Critical Insight

  • BCP requires input from multiple departments with different and sometimes conflicting objectives. There are typically few, if any, dedicated resources for BCP, so it can't be a full-time, resource-intensive project.
  • As an IT leader you have the skill set and organizational knowledge to lead a BCP project, but ultimately business leaders need to own the BCP – they know their processes, and therefore, their requirements to resume business operations better than anyone else.
  • The traditional approach to BCP is a massive project that most organizations can’t execute without hiring a consultant. To execute BCP in-house, carve up the task into manageable pieces as outlined in this blueprint.

Impact and Result

  • Implement a structured and repeatable process that you apply to one business unit at a time to keep BCP planning efforts manageable.
  • Use the results of the pilot to identify gaps in your recovery plans and reduce overall continuity risk while continuing to assess specific risks as you repeat the process with additional business units.
  • Enable business leaders to own the BCP going forward. Develop a template that the rest of the organization can use.
  • Leverage BCP outcomes to refine IT DRP recovery objectives and achieve DRP-BCP alignment.

Develop a Business Continuity Plan

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should develop a business continuity plan, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Identify BCP maturity and document process dependencies

Assess current maturity, establish a team, and choose a pilot business unit. Identify business processes, dependencies, and alternatives.

2. Conduct a BIA to determine acceptable RTOs and RPOs

Define an objective impact scoring scale, estimate the impact of downtime, and set recovery targets.

3. Document the recovery workflow and projects to close gaps

Build a workflow of the current steps for business recovery. Identify gaps and risks to recovery. Brainstorm and prioritize solutions to address gaps and mitigate risks.

4. Extend the results of the pilot BCP and implement governance

Present pilot project results and next steps. Create BCMS teams. Update and maintain BCMS documentation.


Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.2/10


Overall Impact

$30,547


Average $ Saved

37


Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

XGen Pharmaceuticals DJB, Inc.

Guided Implementation

9/10

$2,479

5

Encore Electric

Guided Implementation

9/10

$6,197

10

RJRGLEANER Communications Group

Guided Implementation

10/10

$70,000

10

XGen Pharmaceuticals DJB, Inc.

Guided Implementation

9/10

$30,989

20

Eswatini Railway

Guided Implementation

9/10

$12,835

60

Town Of Marana

Guided Implementation

10/10

$12,395

120

CenCal Health

Guided Implementation

9/10

$95,000

80

Town Of Marana

Guided Implementation

10/10

N/A

120

XGen Pharmaceuticals DJB, Inc.

Workshop

10/10

$25,411

20

Wade Trim Associates, Inc.

Guided Implementation

10/10

$61,979

20

City of Leduc

Workshop

7/10

N/A

10

Grinnell College

Guided Implementation

10/10

$7,437

20

Wisconsin Compensation Rating Bureau

Guided Implementation

8/10

$12,395

10

Werner Co.

Guided Implementation

7/10

$12,292

5

Old Republic National Title Insurance Company

Guided Implementation

9/10

$30,731

5

MSI online

Guided Implementation

9/10

$2,000

6

City of Leduc

Guided Implementation

10/10

N/A

5

Symptai Consulting Ltd.

Guided Implementation

9/10

$7,537

10

Momenta Pharmaceuticals

Guided Implementation

10/10

$63,880

10

County of San Luis Obispo

Workshop

5/10

N/A

N/A

County of San Luis Obispo

Workshop

10/10

$127K

85

Bay Cove Human Services Inc.

Workshop

6/10

$18,463

60

Blessing Hospital

Guided Implementation

10/10

$127K

50

Montana Department of Revenue

Guided Implementation

9/10

$6,366

14

City Of Kawartha Lakes

Workshop

10/10

$25,000

20

XGen Pharmaceuticals DJB, Inc.

Guided Implementation

9/10

$22,283

10

Cree Board of Health & Social Services of James Bay

Workshop

10/10

$50,000

90

Kentucky Housing Corporation

Guided Implementation

10/10

$31,833

20

University of Exeter

Guided Implementation

10/10

N/A

N/A

Mott MacDonald LLC

Guided Implementation

7/10

$10,440

5


Business Continuity

Streamline the traditional approach to make BCP development manageable and repeatable.
This course makes up part of the Security & Risk Certificate.

Now Playing: Academy: Business Continuity | Executive Brief

An active membership is required to access Info-Tech Academy
  • Course Modules: 5
  • Estimated Completion Time: 2-2.5 hours
  • Featured Analysts:
  • Frank Trovato, Research Director, Infrastructure Practice
  • Eric Wright, SVP of Research and Advisory

Onsite Workshop: Develop a Business Continuity Plan

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define BCP Scope, Objectives, and Stakeholders

The Purpose

Define BCP scope, objectives, and stakeholders.

Key Benefits Achieved

Prioritize BCP efforts and level-set scope with key stakeholders.

Activities

Outputs

1.1

Assess current BCP maturity.

  • BCP Maturity Scorecard: measure progress and identify gaps.
1.2

Identify key business processes to include in scope.

1.3

Flowchart key business processes to identify business processes, dependencies, and alternatives.

  • Business process flowcharts: review, optimize, and allow for knowledge transfer of processes.
  • Identify workarounds for common disruptions to day-to-day continuity.

Module 2: Define RTOs and RPOs Based on Your BIA

The Purpose

Define RTOs and RPOs based on your BIA.

Key Benefits Achieved

Set recovery targets based business impact, and illustrate the importance of BCP efforts via the impact of downtime.

Activities

Outputs

2.1

Define an objective scoring scale to indicate different levels of impact.

  • BCP Business Impact Analysis: objective scoring scale to assess cost, goodwill, compliance, and safety impacts.
2.2

Estimate the impact of downtime.

  • Apply the scoring scale to estimate the impact of downtime on business processes.
2.3

Determine acceptable RTO/RPO targets for business processes based on business impact.

  • Acceptable RTOs/RPOs to dictate recovery strategy.

Module 3: Create a Recovery Workflow

The Purpose

Create a recovery workflow.

Key Benefits Achieved

Build an actionable, high-level, recovery workflow that can be adapted to a variety of different scenarios.

Activities

Outputs

3.1

Conduct a tabletop exercise to determine current recovery procedures.

  • Recovery flow diagram – current and future state
  • Identify gaps and recovery risks.
3.2

Identify and prioritize projects to close gaps and mitigate recovery risks.

  • Create a project roadmap to close gaps.
3.3

Evaluate options for command centers and alternate business locations (i.e. BC site).

  • Evaluate requirements for alternate business sites.

Module 4: Extend the Results of the Pilot BCP and Implement Governance

The Purpose

Extend the results of the pilot BCP and implement governance.

Key Benefits Achieved

Outline the actions required for the rest of your BCMS, and the required effort to complete those actions, based on the results of the pilot.

Activities

Outputs

4.1

Summarize the accomplishments and required next steps to create an overall BCP.

  • Pilot BCP Executive Presentation
4.2

Identify required BCM roles.

  • Business Continuity Team Roles & Responsibilities
4.3

Create a plan to update and maintain your overall BCP.

  • 3. Maintenance plan and BCP templates to complete the relevant documentation (BC Policy, BCP Action Items, Recovery Workflow, etc.)

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

Member Rating

9.2/10
Overall Impact

$30,547
Average $ Saved

37
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Try Our Guided Implementations

Get the help you need in this 5-phase advisory process. You'll receive 5 touchpoints with our researchers, all included in your membership.

Guided Implementation #1 - Scoping
  • Call #1 - Scope requirements, objectives, and stakeholders. Identify a pilot BCP project.

Guided Implementation #2 - Business Processes and Dependencies
  • Call #1 - Assess current BCP maturity. Create business process workflows, dependencies, alternates, and workarounds.

Guided Implementation #3 - Conduct a BIA
  • Call #1 - Create an impact scoring scale and conduct a BIA. Identify acceptable RTO and RPO.

Guided Implementation #4 - Recovery Workflow
  • Call #1 - Create a recovery workflow based on tabletop planning.

Guided Implementation #5 - Documentation & BCP Framework
  • Call #1 - Summarize the pilot results and plan next steps. Define roles and responsibilities. Make the case for a wider BCP program.

Author(s)

Frank Trovato

Andrew Sharp

Contributors

  • Dr. Bernard A. Jones, MBCI, CBCP, Berkeley College
  • Kris Roberson, Disaster Recovery Analyst, Veterans United Home Loans
  • Trevor Butler, General Manager of Information Technology, City of Lethbridge
  • Robert Miller, Information Services Director, Witt/Kieffer
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019