How to Create a Business Continuity Plan
We know you already have a lot on your plate right now, and creating a new plan may seem like a lot of work with multiple considerations and factors – but not to worry. A solid plan is worth it, as it can be an essential asset for years to come, and we’re here to walk you through making one.
(We’re also assuming you already have your business plan in place, but if not, we also have a guide that will give you detailed advice on how to write a quality business plan here.)
Step 1: What are your potential risks and impact?
- Consider all the potential risks to your company. There are external risks (for example power cuts, natural disasters, cyber attacks and other things that are out of your control for the most part), and internal risks (for example sudden cash-flow issues, tough sales months or losing key staff).
- What parts of the business could they affect? The issues could affect anything from your premises, people, stock and equipment, operations and processes, to technology.
- What could the impact be? You could for example experience a loss of sales and income, increased expenses, decreased customer satisfaction and loyalty, delayed service delivery, poor product quality, or regulatory fines.
Let’s put it together: If you owned a hair salon and a competitor opened up next door .(potential risk), it would affect the volume of potential customers (part of business affected) and there may be a loss of sales (business impact).
Step 2: What are your critical business functions?
- A critical business function is a process that must be restored in the event of a disruption to protect the business and keep meeting expectations (up to the standards of shareholders, for example). A good Customer Relationship Management (CRM) system would help with this process, and you can find some of the best CRM for small businesses here.
- A few different business functions that exist are paperwork, employees, and production for example.
- Using paperwork that was at risk of a fire as an example, a way to mitigate this potential risk would be to have multiple backups, in different locations and the responsibility of different people in the business.
Step 3: Who holds the key roles and responsibilities?
It’s important to consider the key roles and responsibilities in your business because that way, the right information can get to the right people in a streamlined way and issues can be resolved by the right people quickly.
These may include:
- Internal staff (sales leaders, accountants, client managers etc)
- External key players (contractors and service providers, suppliers and distributors, IT consultants, utility companies etc)
- It’s important to have a list of key people (with their documented roles), and other important contacts, as well as clear instructions that clarify their responsibilities in an emergency situation.
Let’s put it together: If there was a security breach in a tech company, the customer service department (internal staff) would need to be alerted who could send out a reassuring email to customers. Next, a call would need to be made to an IT consultant to fix the issue (external key players). At the same time, a senior manager for example (key people) could also send out a message to shareholders to clear up and clarify any incorrect information showing on systems.
Step 4: What is your communication plan?
- Who needs to be contacted: in the event of a disruption or emergency? Some examples may include employees, customers, clients, or suppliers.
- How will you communicate with them: Depending on the severity of the situation and also taking into consideration the tone of your company brand and the mediums your customer base use most, you could use social media, press releases, or an email newsletter for example.
- What will the tone be? The tone can be serious, reassuring, optimistic or anything else you feel most accurately serves the situation, and that would be on brand for your company.