What is a Business Continuity Plan?

Business Continuity Planning

Definition: Business Continuity Planning is the process through which an organisation ensures the continuation of critical functions during and after a disaster has occurred. BCP aims to provide a roadmap for business recovery by identifying potential threats to operations and establishing strategies for mitigating and managing these risks.

The planning process involves conducting a business impact analysis (BIA), identifying essential business functions, determining acceptable downtime for each critical process, and formulating recovery strategies. In terms of cyber security, a comprehensive Business Continuity Planning includes measures for data backup, system redundancy, and disaster recovery to manage IT disruptions from cyber threats.

Business Continuity Planning is a proactive approach and forms part of a wider Business Continuity Management (BCM) system, ensuring resilience and the ability to quickly adapt and respond to both internal and external threats. Business Continuity Planning is crucial not only for maintaining business operations but also for protecting the brand and shareholder value.

Key Characteristics:

Resilience: BCP is designed to ensure that the business is capable of withstanding disruptive events.
Preparedness: Involves identifying and preparing for potential threats to maintain business functionality.
Minimising Downtime: Seeks to reduce the duration and impact of interruptions to business operations.
Recovery Objectives: Defines Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for essential processes and systems.

Examples:

Real-World Example: A company utilises a BCP to quickly resume operations following a significant data breach by switching to a secure backup database.
Hypothetical Scenario: A retail business experiences an e-commerce platform outage due to a DDoS attack and activates their BCP to re-route customer transactions to a secondary platform, thereby continuing sales operations.

Related Terms:

Disaster Recovery Planning (DRP): A subset of BCP focused specifically on restoring IT and technological operations after a disaster.
Business Impact Analysis (BIA): A critical component of BCP that assesses the effects of interruptions to business processes.
Recovery Point Objective (RPO): The maximum tolerable period in which data might be lost from an IT service due to a major incident.
Recovery Time Objective (RTO): The targeted duration of time within which a business process must be restored after a disaster to avoid unacceptable consequences.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Business Continuity Planning

What is the OWASP Top 10: Download our flash cards to find out.

Contact us