How effective is your Business Continuity Management Implementation?
This is the first blog in a two-part blog series on the effectiveness of the implementation of Business Continuity Management.
It is interesting to actually sit back and think about this question, whilst the purpose of any Business Continuity Management implementation seems evident, in many cases, Business Continuity Management may be viewed narrowly as the implementation of just a disaster recovery infrastructure that the Mobile Network Operator may never use, or just a “check-box” item for governance or regulatory purposes. This is a question that the Senior Management of organisations across many sectors including telecommunications have been asking from time immemorial, even though benefit realisation for such implementations should been tracked and reported.
The appropriate response to this question lies in the ability of the Mobile Network Operator to say “yes” to a number of pertinent Business Continuity implementation questions. The more questions that are in the affirmative indicates that the operator has either implemented or is on its way to implementing some of the recommendations highlighted in the GSMA BCM Report released in 2016 as summarized below.
- Planning for resilience through BCM is a key responsibility
- BCM needs to be a testing and iterative process
- BCM plans should enable a reduction in friction and an increase in flexibility
- BCM plans should be tailored to specific disaster types and levels of severity
It is important to note that many operators will find themselves at a different phase of their BCM implementation effectiveness journey.
There are many definitions of Business Continuity Management and how it should be implemented, but what is critical is to have a framework implemented that is holistic, supports resilience and provides the organisation with the capability to respond by restoring products and services after a disruption has occurred.
These key words: “holistic”, “resilience” and “response” highlight the work that the Disaster Response team have been undertaking via the Humanitarian Connectivity Charter and other initiatives which bring about collaboration with Mobile Network Operators, aid agencies and other organisations within the Disaster Management value chain. This is to help alleviate impact on affected populace caught up in disaster situations. The programme propagates the importance of preparedness, response, recovery and mitigation by the operators for humanitarian purposes.
So what are these BCM related questions that operators should be able to say “yes” to as it relates to best practice implementation of Business Continuity Management?
Your BCM Strategy
The first set of questions are based on your organisation’s Business Continuity Management Strategy. The importance of having this strategy cannot be over emphasised, as this defines the direction your organisation intends to take its business continuity implementation. The strategy should drive the implementation from a holistic viewpoint.
The questions are as follows:
- Do you have a Business Continuity Management Strategy? Is the strategy aligned with your organisational strategic goals and objectives?
- Does the strategy define the relationship with governmental, humanitarian and regulatory agencies before, during and post disaster situations?
- Have you identified the risks and threats to the organisation in relation to business continuity management?
- At a strategic level, have you agreed on how to respond to the various disaster types or do you have a generic approach across the board?
- Have you agreed the Recovery Time Objective-RTO and the Recovery Point Objective- RPO that the organisation will be able to cope with?
Your Preparedness Levels
The second set of questions are based on your disaster response preparedness level. The better the preparedness level, the better you will be able to respond during disaster situations. Here at the GSMA, one of the aims of the Disaster Response Programme is to ensure that operators responses to disaster situations becomes more predictable, to enable operators to play a more effective role in the wider coordinated response to an incident.
The questions are as follows:
- Do you have a nomenclature for preparedness activities to deal with both internal or corporate and external crises/incidents?
- Have you defined and tested your Business Continuity Management Plan? Do you conduct both full failover and desktop test and does it involve all mission critical services?
- Do you have resilience “built in at source” for both your Network and IT infrastructure? Is this done at design stage or is it bolted on at implementation?
- Have you documented your crisis management process? Is everyone aware of what to do when an incident occurs?
- Has a business impact analysis been done and risk factor identified for each mission critical process?
- Have you identified and documented your mission critical processes (SMS, Data & Voice being the core services provided by mobile operators)?
A Mobile Network Operator answering “Yes” to many of the above questions and the questions in the part 2 of this blog should give some comfort about their level of preparedness for disaster situations.
The GSMA Disaster Response programme will continue to take a focus on Business Continuity through its technical stream. A new webinar series in 2017 will focus on these issues and more and an updated version of the Business Continuity Guideline is forthcoming. MNOs with a specific interest in this topic can contact the team at email@example.com
The Business Continuity Management report aims to highlight the measures undertaken by mobile network ...Read more
Partnership Guidelines: Building effective relationships between MNOs and NGOs in complex environments and crises
Mobile Network Operators (MNOs) are increasingly sought as partners to deliver services developed by the ...Read more
This assessment aims to capture some of the key actions taken by GSMA members and their partners responding ...Read more
Over the last year, we have showcased many new products and services from our M4D Products & Services ...Read more
This is the first blog in a two-part blog series on the effectiveness of the implementation of Business ...Read more
We are happy to welcome Jawwal as the latest mobile network operator to join the Humanitarian Connectivity ...Read more
The Asia Pacific is the world’s most disaster-stricken region, with natural disasters alone accounting for ...Read more
We are pleased to announce that Nokia has become the most recent organisation to endorse the principles of ...Read more