READINESS
ANALYSIS
Before you can start making improvements to something, you need to understand the current state. The same is true with your business. In this phase, we look at the current state of preparedness, make some decisions regarding your desired state of business continuity, evaluate the potential risks and get executive-level buy in.
Conduct Maturity Assessment
We've created a Business Continuity Maturity Matrix based on best practices of businesses around the world, and learned from real-world emergencies, to help evaluate the 20 different elements that are essential to ensuring a business is capable of responding to any emergency.
​
These areas are:
​​
-
Essential Functions
-
Emergency Management Structure
-
Facilities
-
Communications
-
Personnel
-
Vendors
-
Customers
-
Vulnerability Assessment
-
Hazard Mitigation
-
Information Technology
-
Cyber Security
-
Finances
-
Insurance
-
Plan Content / Maintenance
-
Physical Security
-
Post-Event Reentry
-
Threat Monitoring
-
Alternate Sites
-
Training & Exercises
-
Resource Management
Perform Gap Analysis
With the completed Maturity Matrix, you can clearly see the differences between where the business is now and where you the business to be in the future. This forms the basis for the Gap Analysis. In each of the 20 elements, identify the actions that need to be taken to increase the level of Business Continuity maturity in order to make the business more secure.
Identify Potential Risks
Once you have an idea of how the business is positioned, you then want to take a look at the potential threats. This is largely dependent on things like business location, business type, size, geographical distribution and even the company's public visibility. Knowing what threats are most probable can help to prioritize mitigation and planning actions.
Acquire Executive Buy-In
Consensus is a key part of any major business activity but Business Continuity Planning affects all parts of an organization, which makes it critical that the leadership team be in lock-step on the actions that need to be taken. Dissenters can pose big obstacles to actually achieving the level of protection needed and result in wasted time, money and effort. Not to mention, put the organization in grave risk.