When disaster strikes, a well-crafted business continuity plan can mean the difference between seamless recovery and prolonged disruption. Yet, many businesses unintentionally overlook critical elements that could significantly impact their resilience.
From untested assumptions about supply chains to gaps in employee communication protocols, oversights in continuity plans often reveal themselves only when it’s too late. Below, members of Forbes Technology Council highlight often-missed essentials of a robust continuity strategy and explain why they’re indispensable for safeguarding your operations.
1. Preventive And Predictive Maintenance Of Digital Infrastructure
Preventive and predictive maintenance of critical IT digital infrastructure is increasing in importance as data resilience and data center resilience become increasingly necessary for business continuity. Predictive maintenance allows businesses to schedule maintenance only when necessary and before operational issues occur instead of at fixed intervals, resulting in fewer equipment outages and greater system efficiency. – Giordano Albertazzi, Vertiv
2. A Cyber Resilience Strategy
Cyber resilience is essential—and that doesn’t just refer to cybersecurity issues. In today’s era of dynamic computing, business leaders prioritize innovation over risk. A cyber resilience strategy is critical for a business’s ability to recover from and continue operating through unexpected interruptions, whether caused by a cyber incident, natural disaster or human-caused event. – Theresa Lanowitz, LevelBlue
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
3. Defined Minimum Viable Business Operations
Define what minimum viable business operations look like for your company. In the event of a catastrophic outage (think ransomware), what systems, workloads, data and other elements would you bring back up first, and in what order? Having all parties (business and technical) in agreement on what constitutes minimum viable business operations will help you avoid turf wars and increase efficiency during recovery. – Dale Zabriskie, Cohesity
4. Distributed Infrastructure
A key element of a BCP is ensuring resilient network connectivity through georedundancy and a multiprovider approach. Distributing infrastructure across multiple locations and providers reduces the risk of localized outages. Provider diversity and carrier-neutral interconnection offer flexibility, preventing vendor lock-in. In today’s digital world, resilience isn’t optional—it’s essential. – Ivo Ivanov, DE-CIX AG
5. A Comprehensive Communication Strategy
One essential component is a robust communication strategy. Clear, timely communication ensures employee safety, maintains trust with customers and prevents misinformation. It’s vital for coordinating roles during crises, managing public perception and complying with regulations. Without it, even a well-prepared plan can fail due to confusion or mistrust. – Akila Selvaraj, AdaptiveFunnels.ai
6. Prioritization Of Critical Business Functions
An important element of a business continuity plan is the identification and prioritization of critical business functions. This process involves determining which operations are vital to the organization’s survival and establishing the sequence in which they should be restored following a disruption. Neglecting this step can lead to inefficient recovery efforts, potentially exacerbating operational downtime and financial losses. – Rajdeep Biswas, Neudesic, an IBM Company
7. Regular Testing And Updating
An often-overlooked element of a BCP is regular testing and updating. It ensures the plan remains relevant amid changing technologies and processes, validates its effectiveness, prepares employees for real crises, ensures compliance, and helps companies adapt to emerging threats like cyberattacks. Without testing, businesses risk gaps in readiness and an ineffective response during disruptions. – Piyush Ranjan, Barclays Inc. USA
8. Flexibility
Flexibility is a vital element of business continuity. In a rapidly changing, tech-driven world, we must adapt to customer needs, market shifts and external factors. Incorporating forward thinking, feedback loops and awareness of the risks associated with various scenarios builds resilience. As they say, “Change is the only constant.” Flexibility enables businesses not just to survive in the face of change, but to thrive. – Parya Lotfi, DuckDuckGoose
9. Communication And Change Management Protocols
Among the essential yet often overlooked elements of a business continuity plan are comprehensive communication and change management protocols. Businesses often focus on operational recovery and infrastructure, assuming communication during a crisis will happen “on the fly.” There’s a tendency to underestimate how chaotic a crisis can become without clear, predefined change management protocols. – Shreesha Hegde, Fractal Analytics
10. Documented SOPs
Having well-documented standard operating procedures is essential when onboarding or replacing employees and when you decide to sell your business. Without SOPs, the execution of tasks becomes nonstandardized, and it becomes impossible to identify issues in performance. – Ori Eldarov, OffDeal
11. Employee Cross-Training
Cross-training is a crucial leadership strategy for business continuity. It ensures employees can step into multiple roles, keeping operations running during a crisis. This reduces reliance on key individuals, prevents bottlenecks and builds a more adaptable workforce. It’s also a way to develop future leaders, making the organization more resilient and prepared for unexpected challenges. – Sandeep Jha, LinkedIn
12. Reliable Employee-Facing Systems
A commonly overlooked aspect of BCP is having reliable employee-facing tools and internal systems. If systems like communication platforms, HR tools or inventory management go down, employees can’t work efficiently, even if customer-facing apps are fine. Including these tools in BCP ensures productivity is maintained, minimizing disruptions to both internal operations and customer service. – Akshay Prabhu, Capital One
13. Failure Mode And Effects Analysis
It’s essential to perform detailed failure mode and effects analysis to identify vulnerabilities and address them using the latest technologies, with routine check-ups every six months. In terms of an organization’s supply chain, it is essential to validate the vulnerabilities of extended suppliers rather than focusing solely on immediate suppliers—a step that is often overlooked. – Joydeb Mandal, Accenture
14. Regular Drills
A business continuity plan that has never been followed or tested is not worth much. Make sure to have regular drills and walk through your BCP with different groups, strictly following the steps in your BCP. A drill isn’t “done” until you’ve achieved business continuity, so your BCP needs to work. Anything that’s broken needs a root cause analysis and should be fixed before your next drill. – Deepak Bhaskaran, Cisco Systems Inc.
15. Prioritization Of Existing Customers
Existing customers are a critical yet often overlooked aspect of business continuity planning. During disruptions, retaining their trust ensures long-term stability. Clear communication and consistent service help preserve loyalty. A recovery plan that prioritizes customers strengthens resilience and fosters growth. – Vishal Pawar, CloudOMax Corp.
16. Quarterly Plan Validations
Regular and realistic testing is very important for a business continuity plan. Quarterly validation of the existing plan ensures employee readiness and uncovers vulnerabilities, which helps teams effectively update the plan. Testing also helps improve the resilience of the plan. Without testing, the plan might work in theory but be stale and fail during recovery efforts. – Sai Arava, Adobe
17. Periodic Business Impact Analyses
Business impact analysis is foundational to a BCP. It is important to periodically conduct a BIA to validate current risk management objectives that represent business-driven requirements for both risk avoidance and business recovery. The BIA identifies key internal and third-party dependencies, as well as the impact of disruptions on the business, including financial, operational, brand image and legal aspects. – Kim Bozzella, Protiviti
18. IT Threat Modeling
Investing in creating a threat model that can outline all the risks that your IT systems are exposed to enables your business to come up with comprehensive continuity plans. Threat modeling is often used in assessing security properties, but it can be applied to general continuity planning as well. – Atul Tulshibagwale, SGNL.ai
19. Backup Identity Authentication Methods
Identity is the most overlooked element in business continuity plans. If identity systems go down, employees and systems lose access to critical applications and data, halting operations. Ensuring identity resilience through strategies like backup authentication methods and failover systems is essential to maintain access and minimize disruption during outages or attacks. – Eric Olden, Strata Identity
20. Continuity Plans For Events That Impact AI-Powered Decision-Making
Businesses that rely on data science or AI for key decisions need continuity plans for real-world changes that can invalidate models or training data. For example, during COVID, shifting consumer preferences made existing models ineffective for online retailers, impacting revenue. Similar models in insurance, banking and pharmaceutical supply chains require scrutiny and planning from a BCP perspective. – Thomas Robinson, Domino Data Lab
