At the Continuity Insights Management Conference 2012 that I recently attended in Scottsdale, AZ, there was a lot of conversation around PS-Prep which bled into the discussion of “Why get certified” or, the more generic question of, “Why perform business continuity planning?” An oft repeated answer to this question, echoed by business continuity planners around the world is, “Because without a plan you will not survive as a company.”
I think this is a disingenuous answer without any history to support it. Where exactly is the evidence of this fact? What historical data can you share with me, or the CEO you are trying to convince, that this is the case? I am confident that you can dig up cases of small companies that did not survive a disaster, but where is that story about the big guy who did not survive the disaster?
The one and only case study I can think of off the top of my head is Enron, but that was a disaster of a different kind.
Look at BP and the horrific Gulf Coast disaster – they survived. Did they have a plan in place for this? Maybe … if so, most professionals would argue against its effectiveness. Were they certified? No.
Look at Cantor Fitzgerald, the one company most widely spoke about concerning the extent of their losses during the events of 9/11. Survived. With much loss and many significant challenges, but they are still in business.
We found this article that lists 8 Infamous Business Disasters – those companies all survived – albeit some under a new name and different business model, but they did survive. Now, not all of these cases are the kinds of disasters we plan for, but I can’t find that one poster child event that proves the statement, “Without a business continuity plan, you will not stay in business.”
Now look, I am a business continuity planner. I make a living out of helping companies put these programs in place. I want … no, I NEED … CEO’s and Boards of Directors to embrace the need for these plans and to invest in professionals like me to help put them in place. But, I think we need a better sales pitch than the shallow threat of; this is needed to survive a disaster.
I don’t think we need C-level executives to buy into this all or nothing proposition with business continuity planning. No, I think that the message should be: Business continuity plans will allow us to mitigate our losses should a disaster occur. The goal is to ensure the investment we make in our plans and solutions is justified by the potential losses that could occur considering the probability that an event happens.
The losses that could occur is measured by performing a Business Impact Analysis and the probability that an event happens is measured by a Risk Analysis.
We plan because it is a reasonable business practice to protect our assets and our stakeholders against losses that could impact the market value of our company not just if, but when, a business interruption event occurs. If you want the answer to, “Why get certified”, check out this earlier blog we posted.
We need to sell business continuity planning using business terms that executives can understand and stop with the doomsday scenario selling technique. At least, that’s the way I see it.
In the meantime, if you can share those stories with me that support the position companies will not survive without plans, I would love to read them. Thanks.