The Business Continuity Management Lifecycle

Acumen's approach to Business Continuity Management comprises four phases, each with a number of associated activities.

Awareness, Analysis and Strategy

The analysis phase is key to the success of the project. It should include a Business Impact Analysis and Risk Assessment and an audit of any existing Business Continuity plans.

Once the business impacts and risks are understood, it is possible to determine relevant and cost-effective Business Continuity strategies, including risk reduction, business recovery and Information Security Management.

Alongside the analysis and strategy development activities, it is important to begin raising awareness, to achieve buy-in and ensure key players are aware of their roles and responsibilities. This can be done in a number of ways including (though not limited to) briefing meetings, newsletters, training courses, workshops and intranet sites.

Business Continuity Plan Framework

An effective Incident Management capability and recovery planning framework is essential, and need not wait until the strategy and recovery solutions are fully implemented. Decisions on the Incident Management structure, team membership and recovery plan format should be made and implemented early on in the process, to provide a degree of resilience and recovery capability from the outset.

Business Continuity Implementation

At this stage, risk management and continuity solutions identified during the analysis and strategy phase are implemented, draft plans from the framework phase are customised and completed, and a comprehensive awareness and education campaign rolled out.

Continuous Improvement

Once in place, solutions and plans need to be regularly proven, rehearsed and kept up to date. Continuous improvement includes exercising and testing, maintenance and ongoing review, to ensure the plans continue to be effective and are updated in line with changes to the business or its supporting infrastructure.