Share

What is a Business Continuity Plan?

A Business Continuity Plan (BCP) is a detailed document that outlines how an organization will continue to operate through an unplanned disruption in service. The BCP is not just a regulatory requirement within many industries, but should be considered as a guide to reduce the time it takes for operations to return to normal. It plays a critical role in an organization’s Operational Resilience.

Inability to react swiftly to sudden disruption such as a cyberattack could result in a loss of revenue, impacted data integrity, reputational damage, litigation, and potential punitive action from regulatory bodies.

What is included in a Business Continuity Plan?

The list of items that should be contained within a BCP include, but are not limited to, the following:

  • • Identification and analysis of critical business functions across your organization. These functions should be prioritized based on their importance to the business.
  • • The risks to these business functions, detailed and considered depending on their severity. Total risk tolerance and appetite as a business should also be considered, so that decision makers can better categorize the risks that fall outside of a pre-agreed risk tolerance range.
  • • Strategies and mitigation actions that help protect critical business functions.
  • • Evidence of strategic testing across critical functions using key metrics.
  • • Evidence of testing stressed exit and non-stressed exit plans for all important third-party outsourcing arrangements to ensure impact stays within pre-agreed risk tolerances.
  • • Report and dashboard details, to allow the BCP to be updated over time based on data.
 

Teradata take on Business Continuity Planning

Businesses must shift their thinking to future-proof their organization. Threats to the business can come from a variety of sources, and may not even be the result of a direct attack. Hybrid and multi-cloud infrastructure can help increase resilience by introducing agility, flexibility and choice to critical infrastructure decisions.