View Storyboard

Contributors
- Dr. Bernard A. Jones, MBCI, CBCP, Berkeley College
- Kris Roberson, Disaster Recovery Analyst, Veterans United Home Loans
- Trevor Butler, General Manager of Information Technology, City of Lethbridge
- Robert Miller, Information Services Director, Witt/Kieffer
Your Challenge
- Recent crises have increased executive awareness and internal pressure to create a business continuity plan (BCP).
- Industry and government-driven regulations require evidence of sound business continuity practices.
- Customers demand their vendors provide evidence of a workable BCP prior to signing a contract.
- IT leaders, because of their cross-functional view and experience with incident management and DR, are often asked to lead BCP efforts.
Our Advice
Critical Insight
- BCP requires input from multiple departments with different and sometimes conflicting objectives. There are typically few, if any, dedicated resources for BCP, so it can't be a full-time, resource-intensive project.
- As an IT leader you have the skill set and organizational knowledge to lead a BCP project, but ultimately business leaders need to own the BCP – they know their processes, and therefore, their requirements to resume business operations better than anyone else.
- The traditional approach to BCP is a massive project that most organizations can’t execute without hiring a consultant. To execute BCP in-house, carve up the task into manageable pieces as outlined in this blueprint.
Impact and Result
- Implement a structured and repeatable process that you apply to one business unit at a time to keep BCP planning efforts manageable.
- Use the results of the pilot to identify gaps in your recovery plans and reduce overall continuity risk while continuing to assess specific risks as you repeat the process with additional business units.
- Enable business leaders to own the BCP going forward. Develop a template that the rest of the organization can use.
- Leverage BCP outcomes to refine IT DRP recovery objectives and achieve DRP-BCP alignment.
Guided Implementations
This guided implementation is a five call advisory process.
Guided Implementation #1 - Scoping
Call #1 - Scope requirements, objectives, and stakeholders. Identify a pilot BCP project.
Guided Implementation #2 - Business Processes and Dependencies
Call #1 - Assess current BCP maturity. Create business process workflows, dependencies, alternates, and workarounds.
Guided Implementation #3 - Conduct a BIA
Call #1 - Create an impact scoring scale and conduct a BIA. Identify acceptable RTO and RPO.
Guided Implementation #4 - Recovery Workflow
Call #1 - Create a recovery workflow based on tabletop planning.
Guided Implementation #5 - Documentation & BCP Framework
Call #1 - Summarize the pilot results and plan next steps. Define roles and responsibilities. Make the case for a wider BCP program.

Info-Tech Academy
Get Info-Tech Certified
Train your staff and develop a world-class IT team.
An active membership is required to access Info-Tech AcademyNew to Info-Tech Academy? Learn more here
Business Continuity
Streamline the traditional approach to make BCP development manageable and repeatable.
This course makes up part of the Security & Risk Certificate.
Course information:
- Title: Business Continuity
- Number of Course Modules: 5
- Estimated Time to Complete: 2-2.5 hours
- Featured Analysts:
- Frank Trovato, Research Director, Infrastructure Practice
- Eric Wright, SVP of Research and Advisory
- Now Playing: Academy: Business Continuity | Executive Brief
Book Your Workshop
Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Define BCP Scope, Objectives, and Stakeholders
The Purpose
Define BCP scope, objectives, and stakeholders.
Key Benefits Achieved
Prioritize BCP efforts and level-set scope with key stakeholders.
Activities
Outputs
Assess current BCP maturity.
- BCP Maturity Scorecard: measure progress and identify gaps.
Identify key business processes to include in scope.
Flowchart key business processes to identify business processes, dependencies, and alternatives.
- Business process flowcharts: review, optimize, and allow for knowledge transfer of processes.
- Identify workarounds for common disruptions to day-to-day continuity.
Module 2: Define RTOs and RPOs Based on Your BIA
The Purpose
Define RTOs and RPOs based on your BIA.
Key Benefits Achieved
Set recovery targets based business impact, and illustrate the importance of BCP efforts via the impact of downtime.
Activities
Outputs
Define an objective scoring scale to indicate different levels of impact.
- BCP Business Impact Analysis: objective scoring scale to assess cost, goodwill, compliance, and safety impacts.
Estimate the impact of downtime.
- Apply the scoring scale to estimate the impact of downtime on business processes.
Determine acceptable RTO/RPO targets for business processes based on business impact.
- Acceptable RTOs/RPOs to dictate recovery strategy.
Module 3: Create a Recovery Workflow
The Purpose
Create a recovery workflow.
Key Benefits Achieved
Build an actionable, high-level, recovery workflow that can be adapted to a variety of different scenarios.
Activities
Outputs
Conduct a tabletop exercise to determine current recovery procedures.
- Recovery flow diagram – current and future state
- Identify gaps and recovery risks.
Identify and prioritize projects to close gaps and mitigate recovery risks.
- Create a project roadmap to close gaps.
Evaluate options for command centers and alternate business locations (i.e. BC site).
- Evaluate requirements for alternate business sites.
Module 4: Extend the Results of the Pilot BCP and Implement Governance
The Purpose
Extend the results of the pilot BCP and implement governance.
Key Benefits Achieved
Outline the actions required for the rest of your BCMS, and the required effort to complete those actions, based on the results of the pilot.
Activities
Outputs
Summarize the accomplishments and required next steps to create an overall BCP.
- Pilot BCP Executive Presentation
Identify required BCM roles.
- Business Continuity Team Roles & Responsibilities
Create a plan to update and maintain your overall BCP.
- 3. Maintenance plan and BCP templates to complete the relevant documentation (BC Policy, BCP Action Items, Recovery Workflow, etc.)
After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.
Client
Experience
Impact
$ Saved
Days Saved
Town Of Marana
Guided Implementation
10/10
N/A
120
XGen Pharmaceuticals DJB, Inc.
Workshop
10/10
$26,103
20
Wade Trim Associates, Inc.
Guided Implementation
10/10
$63,667
20
City of Leduc
Workshop
7/10
N/A
10
Grinnell College
Guided Implementation
10/10
$7,640
20
Wisconsin Compensation Rating Bureau
Guided Implementation
8/10
$12,733
10
Werner Co.
Guided Implementation
7/10
$12,733
5
Old Republic National Title Insurance Company
Guided Implementation
9/10
$31,833
5
MSI online
Guided Implementation
9/10
$2,000
6
City of Leduc
Guided Implementation
10/10
N/A
5
Symptai Consulting Ltd.
Guided Implementation
9/10
$7,640
10
Momenta Pharmaceuticals
Guided Implementation
10/10
$63,667
10
County of San Luis Obispo
Workshop
5/10
N/A
N/A
County of San Luis Obispo
Workshop
10/10
$127K
85
Bay Cove Human Services Inc.
Workshop
6/10
$18,463
60
Blessing Hospital
Guided Implementation
10/10
$127K
50
Montana Department of Revenue
Guided Implementation
9/10
$6,366
14
City Of Kawartha Lakes
Workshop
10/10
$25,000
20
XGen Pharmaceuticals DJB, Inc.
Guided Implementation
9/10
$22,283
10
Cree Board of Health & Social Services of James Bay
Workshop
10/10
$50,000
90
Kentucky Housing Corporation
Guided Implementation
10/10
$31,833
20
University of Exeter
Guided Implementation
10/10
N/A
N/A
Mott MacDonald LLC
Guided Implementation
7/10
$10,440
5
UGI Utilities, Inc
Guided Implementation
8/10
N/A
20
Witt Kieffer
Guided Implementation
10/10
N/A
2
Westoba Credit Union Limited
Workshop
10/10
$65,000
105
WVU Foundation
Guided Implementation
10/10
N/A
N/A
Blessing Hospital
Guided Implementation
10/10
$63,667
20
Canadian Stewardship Services Alliance Inc. (CSSA)
Workshop
10/10
$13,000
10
Dentons Canada LLP
Guided Implementation
8/10
N/A
N/A