Presentation on theme: "Business Continuity Workshop 13 November 2013 Owen Paterson Intend Business Development."— Presentation transcript:
Business Continuity Workshop 13 November 2013 Owen Paterson Intend Business Development
What/Why/How Business Continuity (BC) is defined as the capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident. Just common sense - taking responsibility for your business and enabling it to stay on course It is about keeping calm and carrying on!
What/Why/How No organisation can have complete control over unpredictable disruptions that often happen, The consequences for some businesses are devastating – it can lead to them never trading again, Loss of customer confidence, Breach of contract, Damage to future business opportunities,
Standardised PQQ – Public Sector Have you, either as a supplier or in the supply chain, been involved in the provision of any contract in the last 3 years for goods and services and 5 years for works, where the contract has been terminated or payment has been withheld because your performance was not satisfactory. If applicable, has any member of your consortium been involved in the provision of any contract in the last 3 years for goods and services and 5 years for works, where a contract has been terminated or payment where payment has been withheld because their performance was not satisfactory. If you have answered "Yes" to either question, please provide details regarding the circumstances of the termination and details of any remedial action that was carried out as a result of the termination. Guidance The Authority will not select bidder(s) that cannot demonstrate to its satisfaction that appropriate remedial action has been taken to prevent future occurrences.
What/Why/How Business continuity planning helps to ensure that your organisation makes a successful return to business as usual following a major interruption, Can you afford to just sit and wait in the hope that you will not be affected by an incident, Prepare in advance, A Business Continuity Plan (BCP) is the least expensive insurance any company can have, Want to convince potential customers what a responsible/well planned/forward thinking business you are,
What/Why/How Over 63,000 suppliers currently registered on PCS, Competition is greater than ever, Its a process………every advantage counts
What/Why/How By having a tested plan in place, organisations will be prepared for unforeseen events, enabling them to recover speedily and efficiently, so that they are up and running again in the swiftest possible time frame
What/Why/How Where is your business vulnerable What are your core functions What are the risks How can you mitigate against the risks (as far as possible) Who needs to be involved Roles/Responsibilities
Core Functions/Risk Core Function Staff Premises I.T. Systems Loss of Data Loss of utilities Vehicles/Equipment Supply Chain Safety of staff Bad weather Where is the Risk Illness, Absence, Attrition Fire, Flood, Damage Failure, Hacking System failure, No back ups Closure of Premises, Staff sent home Break Downs, Unable to Service Increased Costs, Failed Deliveries Prosecutions, HSE Investigation Unable to Deliver/Cannot reach work sites
What/Why/How A plan is as good as its implementation, A BCPlan comes into use only when a situation calls for it, Test at regular intervals, Phone no's change, Providers change, People change, Review/test/keep up to date…….
Business Continuity Workshop 13 November 2013 Owen Paterson Intend Business Development
Preparing a BCP Templates available What information do you need Who needs to be involved Key staff - roles/responsibilities Identify the risks/What can you do to mitigate Recovery plan, timescales, actions
Information Communications plan Staff contact details Press/trade journal contacts Alternative sites/ Units available Customer details/workplans Supplier details Bank/Insurance Details Agency staff I.T./Equipment providers
Core Function Staff Premises I.T. Systems Loss of Data Loss of utilities Vehicles/Equipment Supply Chain Safety of staff Bad weather Mitigation Access to agency staff Alternative premises, Work from home Maintenance contract in place Off site backups, Fireproof cabinets Emergency No's, Work from home Maintenance /service plans, Hire plans Fixed prices, Alternative suppliers Training, Risk Assessments Four wheel drive vehicles available, or arrangements to Hire if needed
Preparing a BCP Rank the risks in terms of impact LOW risk of occurrence - HIGH impact Highlight where most action is needed Where is the plan kept Who gets a copy Outline the actions and then allocate responsibilities Staff training Needs to be signed off at senior level
Business Continuity Plan The Supplier must detail their disaster recovery and contingency planning arrangements, including the physical arrangements to protect hardware and data from loss or disruption. This obligation subsists throughout the duration of the Contract as and when such current details are requested by the Purchaser. Please outline your approach to risk management for this project. Please highlight what the key risks are for this project and how your company would manage them. Quality Weighting 10% Of total Quality Score Does your organisation have systems or procedures in place to ensure Business Continuity, particularly in the event of a major incident that may remove operational capability? Part GBusiness Continuity and Disaster Recovery 5% Evidence of process and procedures in place to ensure continuity of service to buyer in the event of adverse circumstances affecting the bidder.
Describe your arrangement to ensure business continuity and to enable disaster recovery, including the scope, validation, risk treatment and leadership in these areas. Guidance You should demonstrate that your organisation keeps copies of documentation setting out your business continuity and disaster recovery procedures. These should include the arrangements for business continuity and disaster recovery throughout your organisation. You should set out how your organisation will carry out its policy with a clear indication of how the arrangements are communicated to your workforce. Standardised PQQ – Public Sector
Response We have a Business Continuity Plan (BCP) in place to make sure that our business can continue to operate in the event of a major incident. The plan has been developed over a number of years and is reviewed each year by the management team to make sure the business can be up and running within max 24 hours following a major incident with no or minimal impact to our customers. The objectives of the plan are to define the Critical Functions of the business and then - o analyse the risks to these functions, o identify methods to mitigate against the risks o implement the mitigation methods o test if the mitigation is effective
Recovery Action Plan 1st hour – – Contact insurance – Damage assessment – Contact staff – Transfer phone numbers – Cancel deliveries – Cancel mail – Establish immediate priorities
Recovery Action Plan 1st 24 hours – – Assess reports from Insurance, H & S Adviser – Assess immediate implications for the business, in lieu of above – Draft a work plan to outline what operations can be provided – Report on the level of data and customer records still available – Prepare position statement and contact customers to advise of problems and actions on-going – Prioritise customer work and assess priorities
Key information Key equipment requirements/asset registers Software/Hardware Stockholdings Policy details/Passwords/Accreditations Recovery log Key Contact details – Insurance (Buildings and vehicles) – Bank – I.T. – Property
Business Continuity Business Continuity Planning is all about envisioning what your business could do to satisfy your customers and stakeholders should the worst happen. You have to know how you could deliver an agreed level of service during the crisis, and then get back to normal as quickly as possible. Emergencies and disasters dont discriminate. They can affect any organization or business, including yours,
Business Continuity Space debris, solar storms, cyber attacks and climate change are an increasing threat to businesses and their supply chains, according to a study. A report, published by global reinsurance firm Guy Carpenter, has highlighted the major emerging insurance risk factors relevant to businesses and their supply chains.Guy Carpenter Threats to the data security of cloud computing and social media has become a significant emerging risk with the instances of cyber attacks reaching alarming levels, the report said. As supply chains become more reliant on technology, they have become more vulnerable to cyber threats. According to the report, technology failure and cyber attacks represent a greater threat to most organisations than adverse weather, fire and social unrest combined. Supply Management (Purchasing and Supply website 18/9/2013)
Thank you for listening Any questions for the speakers