No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Is Your Company Prepared for the Worst?

by David Nolan
October 16, 2018
in Featured, Risk
red road sign reading "crisis ahead"

Why Business Continuity Must Be Part of Your Strategy

Carrying insurance, having a plan, limiting liability… these are all important steps to minimize risk associated with a disruptive event. But without a dynamic business continuity management program, brand equity could suffer significantly. David Nolan, CEO and founder of Fusion Risk Management, rebuts seven common misconceptions about business continuity.

Imagine a runner on a treadmill following a preset workout program. Even as the treadmill speeds up during the higher-intensity phases, as long as the runner is prepared for changing conditions, she will stay in sync with the machine. But if the runner falters or stops and the treadmill keeps going, she’ll stumble, fall and may even end up injured.

A business trying to remain competitive and profitable in today’s world is like the runner trying to keep pace with the machine. If a business is prepared for whatever adverse circumstances come up, the organization can take it in stride and keep moving forward. If a business is not prepared, then it will experience disruptions – and, like a runner who gets injured, the business may find it difficult to recover.

To keep the business running and revenue flowing, executives must include business continuity in their overarching company strategy, and that requires a fundamental understanding of what business continuity is and what it means for the organization.

Defining Business Continuity

Business continuity comprises certain processes that allow a company to continue to deliver products and services – and therefore continue to bring in revenue and meet commitments – no matter what circumstances may befall it. The types of disruptions that threaten all businesses include:

  • IT services disruption – any disruption affecting access to IT services (often referred to as “IT disaster recovery”) or the protection of critical data (often referred to as “cybersecurity”).
  • Workplace disruption – any disruption of a business entity (offices, call centers, retail locations, trading rooms, manufacturing plants, labs, warehouses, etc.), as well as critical assets such as machinery or other specialized equipment.
  • Workforce disruption – any disruption involving personnel such that sufficient, trained and skilled employees are not available. Possible causes may include labor actions; regional disasters during which the community or public infrastructure is severely impacted; or pandemics, any of which can cause severe absenteeism.
  • Supplier disruption – any disruption to critical suppliers, service providers, utilities and related infrastructure or logistics that stops or slows the movement of critical products and/or services into or out of your business.

While most executives may believe they are prepared for at least some of these disruption scenarios, commonly held misconceptions show the opposite may be true.

Breaking Down 7 Business Continuity Misconceptions

Misconceptions about a company’s level of resilience to adverse events and its ability to effectively respond can create serious risk for executives. Here are seven common misconceptions.

1. “We have a plan.”

Many executives think if they have a documented business continuity plan, the business is adequately prepared. But having a plan and being able to execute it are two very different things. Unless the plan is comprehensive, complete, current and accurate, it may not be worth the paper it’s printed on.

2. “It won’t happen to us.“

To think that a business will never experience a significant disruption is wishful thinking and indefensible, should a disruption occur. In addition to natural disasters, acts of terror or the catastrophic weather events that are becoming more common, even seemingly minor disruptions can have a significant impact on an organization’s ability to maintain operations and meet its commitments.

3. “We have insurance for that.“

This is certainly a way to pay for some disruptions, but it does not ensure business continuity. Insurance coverages can lull executives into a false sense of security that risks have been addressed and require no further attention. And insurance will never compensate for brand impact and loss of shareholder value.

In fact, effective business continuity can help avoid claims and prevent losses entirely. Balancing investments between insurance coverages and business continuity can result in a dramatically reduced risk profile that may otherwise drive higher premiums. Additionally, typical coverages only compensate the business, not partners or customers who rely on goods and services for their own needs and who may be left high and dry in the event of a disruption.

4. “We don’t have the time or resources for that.“

It is true that there is a rational balance of fiscal and fiduciary demands that should determine how much to invest in managing any risk. That number is rarely zero, however, and should never materially impact the core mission of the business. Tragically, many organizations are spending money on people, assets, services and activities that will not protect the business’s ability to function during a crisis.

A focused program aligned with the business priorities and mission can cost much less and deliver much more than one that is left to its own devices without executive sponsorship. The most expensive programs are those that produce plans that no one will ever use. Well-conceived programs operate more effectively and efficiently and deliver superior results.

5. “We already have data backups, recovery centers and cybersecurity measures.“

These, like insurance, are critically important measures to have in place, but only address a narrow portion of the full scope of disruptions that can impact a business. Like business continuity plans, are the IT disaster recovery plans comprehensive, complete, current and accurate? Have these plans been exercised under a variety of disaster scenarios to ensure IT operations can be restarted and resynchronized to the current state of the business? A comprehensive program that incorporates IT disaster recovery plans and response capabilities ensures that investments in IT resilience deliver value in the event of a disruption.

6. “We don’t have a very complicated business, so we don’t need a formal plan.“

The truth is, every business is complex in its own way, and without a formal business continuity program, the true extent of the organization’s internal and external dependencies or the actual duration of a business disruption isn’t revealed until a disruption occurs.

Not having a business continuity program means not having an understanding of what it will take to respond to a variety of potential disruptions, find workarounds to maintain operations and recover fully, should an adverse event occur. Scrambling to respond without a plan – while under the pressure of customer commitments, compliance, safety and public scrutiny – never works out as well as having a plan and a program already in place.

In the event of any disruption, a workforce will need to execute a business continuity plan with a minimal amount of damage to the business, and that is very hard to do without complete visibility into all facets of the business – no matter how simple you believe its processes and dependencies are.

7. “Our contracts protect us and limit our liability.“

Another common misconception is that if you limit your liability, your business is protected. But what about your customers, your employees and your business partners? Are you protected from shareholder suits if your equity value is damaged? During an operational disruption, there are many stakeholders affected – whom the business has the responsibility to consider and whose impact can cause damage to your company’s reputation and your brand. If brand trust is destroyed because a potentially preventable issue has affected customers, shareholders, employees or partners, contract liability may become immaterial. Planning and responding effectively in the face of adverse events far exceeds the benefits of contract protections alone.

Why It’s Important to Change Your Perceptions

Unlike the thinking behind most of these misconceptions, business continuity is not a defensive concept; it should be a fundamental component of business strategy.

For executives to responsibly establish and execute a competitive business strategy, risks must be identified, contingencies must be considered and capabilities must be established to ensure strategic objectives can be achieved. Assessing operational risk, evaluating business impact and defining appropriate tolerances for operational disruption are the foundations of a responsible approach to managing business continuity risk.

Not taking action creates its own set of risks. Oftentimes, executives place a higher priority on fulfilling their fiscal (not fiduciary) responsibilities by managing costs, monitoring accounts receivable and payable, assessing credit risk, etc. This is managing risk simply as a financial phenomenon when it should also be considered an operational necessity.

Lenders are becoming increasingly aware of continuity risk and its potential effects on an organization’s ability to service its debt. In this regard, business continuity becomes more relevant as a firm’s readiness may determine, in part, its ability to compete for preferred access to capital.

To gain an objective perspective, look at your company from an outsider’s shoes. Would you bet your business on a company with reckless disregard for continuity risk? Not likely. You undoubtedly have a stringent vetting process for all suppliers, providers, partners, manufacturers, etc., looking at them through the lens of, “Does this company have a backup plan if something goes wrong?” because it will affect your ability to deliver your products and services to your customers.

More than anything else, brand equity depends on business continuity management as a critical supporting element. Brand equity is created by an accumulation of goodwill over time, and executives are the stewards of that equity. If a disruptive event occurs and is not well managed, then reputation, trust and ultimately brand equity can be damaged and market value diminished. Investing in an effective business continuity management program can be the best investment to make for the highest potential return for your brand.

To Keep Moving Forward, Manage Business Continuity Risk

Managing business continuity risk is critical for the strategic success of every organization. It should be at the core of an organization’s values and mission, and executives must shoulder that responsibility to ensure that a business does not falter or fail to meet its commitments in the event of a disruption.

A company’s viability, brand equity and ability to compete in the marketplace every day all rely on having a firm grip on business continuity risks and an effective program to actively manage them. If you are not making business continuity management a strategic priority, you are in a shrinking minority – and you’re creating substantial risk for your business.


Tags: Business Continuity PlanningCrisis Management
Previous Post

Donnelley Financial Solutions’ “Guide to Effective Proxies” Identifies Leading Trends in 2018

Next Post

Recent FCPA Cases: Lessons for Compliance Personnel

David Nolan

David Nolan

David Nolan is CEO and founder of Fusion Risk Management. He can be reached at dnolan@fusionrm.com.

Related Posts

ACGS-strikes-riots-civil-commotion-report-2023_f

Strikes, Riots & Civil Commotion 2023 Report

by Corporate Compliance Insights
March 1, 2023

Is your business prepared for permacrisis? Drivers of Civil Unrest Strikes, Riots & Protests Expected to Test Business Resilience What’s...

The 16th ACES Compliance Summit

The 16th ACES Compliance Summit

by Aarti Maharaj
March 1, 2023

Lean-in and actively engage with today's most innovative and experienced trade compliance professionals during this 3 in 1 event. Featuring...

shifting sands risk

Shifting Sands: Leaders Are Feeling the Pressure of an Uncertain, Dynamic Risk Landscape

by Jim DeLoach
February 22, 2023

The global risk landscape has rarely been more unsettled over the past half-century than it is right now, and a...

jen colts

Football, Pain & Failing Upwards

by Jennifer L. Gaskin
February 8, 2023

This isn’t a story about business, third-party risk management, the DOJ or any of the other topics we normally cover...

Next Post
Libyan President Moammar Gadhafi at a state visit in 2008

Recent FCPA Cases: Lessons for Compliance Personnel

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT