UK businesses are increasingly prepared for disruption or disaster according to BSI British Standards annual Business Barometer, published today.
The research found:
81% of FTSE companies would expect to last up to one week before feeling serious detrimental effects following disruption or disaster[1] Almost two thirds (63%) are very well prepared for serious IT failure Half of businesses surveyed are fully prepared for a forced office relocation Almost half (47%) are fully prepared for comprehensive supply chain failure
BSIs annual survey of FTSE 250 companies shows that 71% recognise the importance of Business Continuity Management (BCM) in staying competitive and winning new business in the future. This is a 10% increase on 2006s Business Barometer.
Mike Low, Director of BSI British Standards, said: The scale of risk and opportunity in the FTSE 250 are enormous and these organizations are recognizing that BCM has to be at the heart of their operations. Its also crucial for smaller organizations and those in other sectors to look seriously at how they would cope in the event of a disaster.
This years Business Barometer shows improvement in the preparedness of organizations for serious failure of their infrastructure which is really positive but there is still room for improvement. Thats why BSI has today published BS 25999-2, Specification for Business Continuity Management, which enables organizations to verify their BCM plans through independent certification. The standard can be used in an organization of any size or sector and provides a mechanism to ensure that their partners and supplies also have appropriate BCM procedures in place.
In September, BSI also launched an Online BCM Assessment Tool, particularly useful for SMEs wishing to assess their BCM capabilities.
Terror threats and natural disruption prompt review
Events of the last year have prompted many businesses to reconsider their approach to BCM:
· 42% reviewed their approach to BCM following the London and Glasgow terror alerts in June 2007
· 34% reviewed their approach to BCM following the widespread flooding throughout summer 2007
Despite an increase in overall preparedness on last year, the Business Barometer shows that more businesses would be affected by disruption or disaster more quickly than in 2006. 58% said that their business would be seriously affected in under a day, compared with 46% in 2006.
Chris Green, Chairman, Business Continuity Institute, and Chairman of the BSI business continuity committee, said: The need for robust BCM standards such as BS 25999-2 is clear. By following the requirements of the standard, organizations can improve enterprise stability, increase job security and ensure the flow of money into communities. Without BCM standards in place, infrastructure and supply chains may be less secure and employment and economic growth placed at risk.
Standards save Businesses
Those companies already implementing British or international standards as a matter of course were found to be better prepared, with 56% saying that their business would be very well prepared for failure in the supply chain, compared with 47% overall. 62% of businesses, compared with 46% in 2006, are required by customers to show that they have effective business continuity measure in place. 72% now ask all or some of their own suppliers to do the same.
Continual Improvement
BSIs research shows that businesses are increasingly recognising the value of BCM. More companies are very well prepared for;
failure in the supply chain: 47% (45% in 2006; 18% in 2005) catastrophic IT failure: 63% (51% in 2006; 27% in 2005) forced business relocation: 50% in 2007 (41% in 2006; 15% in 2005)
BS 25999-2, Specification for Business Continuity Management, complements BS 25999-1, Guide to Business Continuity, published in November 2006. Part 2 has been developed by a broad based group of world class experts and specifies requirements for establishing, implementing, operating and improving a documented Business Continuity Management System. The requirements of BS 25999-2 are generic and intended to be applicable to all organizations, regardless of type, size and nature of business.