Skip to content

How a typical Business Continuity Program Works?

Business Continuity and IT Disaster Recovery Blog

Articles - BCP and IT DR


In the last decade or so, the threats to the working environment of companies have multiplied ranging from 9-11 type attacks, earthquakes and the spread of diseases like SARS. Further, there is the very real threat of natural and manmade disasters like these disrupting the working patterns of organizations. Hence, there is a need to plan for contingencies and ensure that the business of the firm or company does not suffer during the emergency. Towards this end, a business continuity program is designed to insulate the business from the downsides of the calamity and ensure that continuity of business happens within days or even hours of the incident happening. This article looks at how a typical business continuity program works.

The first thing to note in a business continuity program is that a backup site needs to be provided for the employees to report to in case of damage to the existing business location. This backup site can be in the same city or at a safe distance from the existing location in another city. In some cases, backup sites are even located outside the country so that any disaster like a war that impacts the whole country can be mitigated. For instance, Polaris Software and Infosys are two companies that have invested in backup sites in other Asian countries like Sri Lanka and the Philippines.

The next thing that a business continuity program needs to have is a mechanism to reach the employees in case of an emergency and make them move to the backup site. This is done by many companies like Fidelity that have lists of the employees along with their contact details and the easiest way to reach them during an emergency. Further, a management level (mid or senior) person takes care of reaching a group of employees and the percolation goes down to the next levels as well as junior managerial staff take the responsibility of reaching down the hierarchy.

The third component of the business continuity program is to have an arrangement for the employees to get to the backup site within the SLA (Service Level Agreement) for the continuity program. As mentioned above, the continuity of business can happen within hours if the conditions permit and might take days if the calamity is drastic. For this to happen, the employees need to be told how to reach the backup site in case of an emergency and continue working from there. Further, specific employees can be asked to reach the backup site instead of all the employees as continuity of business is usually focused on restarting work rather than reaching full output.

Finally, the most important thing about a business continuity program is the maintenance of the backup site. If the backup site fails to power up or loads when an emergency strikes, the whole purpose of the business continuity program is lost. So, the essential thing to note in a business continuity program is that the backup site must be operationally ready at all times. Companies like Citigroup conduct periodic checks on the site readiness of the backup sites to ensure that they can be ramped up in no time.

In conclusion, business continuity is all about managing the surprise in an emergency. So, the more agile the staff is in responding to uncertainty, the better placed the company would be to respond to emergencies and disruptions of business.

BRCCI – Business Resilience Certification Consortium International (

We are thankful to the author for allowing us to post this insightful article on our website. BRCCI provides a comprehensive training and certification program in business resiliency, continuity and IT disaster recovery planning:

1. 3-day CBRM (Certified Business Resilience Manager) is a comprehensive, all-in-one, 3-day Business Continuity Planning and Management Training and Certification course which is designed to teach practical methods to develop, test, and maintain a business continuity plan and establish a business continuity program.

2. 3-day CBRITP (Certified Business Resilience IT Professional) is a comprehensive training on how to assess, develop, test, and maintain an information technology (IT) Disaster Recovery Plan for recovering IT and telecommunications systems and infrastructure in the event of a disaster or business disruption. The training provides a step-by-step methodology to ensure a reliable and effective IT disaster recovery and continuity plan consistent with the industry’s standards and best practices.

3. 2-day CBRA (Certified Business Resilience Auditor) It provides 2 days of intensive, Business Continuity Audit training to enable students to determine the effectiveness, adequacy, quality and reliability of an organization’s Business Continuity Program. Students will learn an audit methodology to evaluate compliance of Business Continuity and IT Disaster Recovery Programs with the current industry’s best practices and standards including:

  • ISO 22301: Business Continuity Management Systems – Requirements
  • NFPA: Standard on Disaster/Emergency Management and Business Continuity Programs
  • ITIL: Information Technology Infrastructure Library

For information on the above program, please contact BRCCI (www.brcci.org1-888-962-7224).

On Key

Related Posts

ICR Standard

ICR Standard Author: Dr. Akhtar Syed Download PDF Section 1.0 – Introduction The Integrated Continuous Resiliency (ICR) standard, developed by BRCCI (, is a comprehensive

What is ISO 22301 standard?

What is ISO 22301 standard? Author: Andrea Patricia Sanchez Dominguez Download PDF 1. Introduction The Standard ISO 22301 was proposed in 2012 as a new