Business continuity through a COVID-19 lens

Issue 8 2020 Security Services & Risk Management

The COVID-19 crisis has certainly put the spotlight on business continuity. While lockdowns and other imposed restrictions forced certain sectors to cease operating, a number of organisations continued to service customers and deliver products, with varying levels of success. For the latter, one may ask, did having a business continuity plan actually assist during this crisis?

“The simple answer is ‘yes’,” says Padma Naidoo, general manager: Advisory, ContinuitySA. Although the plans may not have considered a pandemic of this magnitude, organisations with a well-established business continuity capability have largely applauded it for enabling a swifter activation of remote work and other contingencies required to continue operating.

Padma Naidoo.

What worked?

Here are some of the business continuity planning aspects that assisted:

Business priorities – having a business-analysed view of the critical functions that needed to be resumed versus those that could stand for longer. With less than a week between the announcement and activation of lockdown, this helped direct the effective use of available resources and efforts.

Resource requirements – organisations that completed a business impact analysis had a clear understanding of existing capabilities and additional requirements, such as:

• The number of staff required to meet minimum acceptable levels of service and product delivery.

• Employees equipped to work remotely versus those that would require laptops/3G cards.

• The IT/network limitations regarding remote work numbers.

• Functions that could not take place remotely and why.

Having this information readily available assisted organisations to mobilise the additional resources required quickly, at a time when companies were competing for available stock.

Response structures – having a clear and tested framework for incident management and decision making. Even though a pandemic of this scale may not have been catered for, the entrenched principles of incident management were certainly useful.

Established teams – having established teams at different levels within an organisation, with trained and rehearsed individuals to implement the response.

Implemented continuity strategies – although identified contingencies may not have worked as intended, they did offer some advantages, for example:

• Work area recovery facilities were used to achieve social distancing and split an organisation’s risk.

• Critical staff were already equipped for remote work.

• Identified manual workarounds were utilised while additional staff were being equipped for remote work.

• In some instances, supply chain diversification assisted with supply delays.

Looking to the future

While existing business continuity frameworks did offer benefits, it is evident that they can be improved based on the lessons learnt over the past few months. COVID-19 marks a turning point for business, social and other spheres. The extent to which change occurs remains to be seen, with several predictions being made by analysts and futurists.

So, how should the face of business continuity change to meet emerging needs? Naidoo suggests that a strategic focus needs to be placed on resilience. As organisations ponder long term changes to their business and operating models, either for enhancement or as a response to macro environment developments, resilience needs to underpin their thought process, with continuity principles built into all changes.

For example, if an organisation is looking to increase remote work, mechanisms should be put in place to ensure that cross-skilling and succession planning takes place to avoid key skill vulnerabilities. With increased cybersecurity risks, it’s time to re-evaluate the approach to and measures for information security.

If an organisation seeks to diversify/localise its supply chain, due consideration should be given to second and third tier suppliers, as well as driving resilience through collaboration. Taking it a step further, why not use the automation of big data analytics to detect, inform and assess continuity threats and responses? The opportunities are endless.

“We live in a volatile time, and the decisions made now will impact the course of organisations in the future. This is the time for business continuity and risk practitioners to step up and ensure that new world that emerges post COVID-19 is a resilient one,” concludes Naidoo.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Obscure Technologies adds OneTrust to portfolio
Security Services & Risk Management
Cybersecurity specialist Obscure Technologies has announced the formation of a strategic alliance with OneTrust, a provider of Trust Intelligence.

Three ways to prevent non-delivery
Security Services & Risk Management
By using an escrow platform, you can pay for the item, but the funds are held in a trust account until you receive the item and are happy it’s what you ordered.

Look before you leap into a back-up power solution
Editor's Choice Security Services & Risk Management
Before you rush into purchasing a back-up power solution, you need to take a considered and long-term view of how to get yourself as close to grid independence as possible.

All-mobile people management solution with facial recognition
Editor's Choice Integrated Solutions Security Services & Risk Management Products
The new mobile Incident Desk People Management platform with facial recognition combines identification data on suppliers, staff, sub-contractors and even people on watch lists, for less than the cost of traditional service management tools.

Passion, drive and hard work
Technews Publishing Editor's Choice CCTV, Surveillance & Remote Monitoring Security Services & Risk Management
Colleen Glaeser is a leader in the security market, having made her mark in the male-dominated security industry through determination and hard work, along with a vision of making the world a safer place.

Are you your insider threat?
Technews Publishing Editor's Choice Security Services & Risk Management Commercial (Industry)
Insider threats are a critical aspect of risk management today, but what happens when it is the owner of the company acting fraudulently and making sure none of his staff can catch him?

Trackforce Valiant acquires TrackTik Software
News Integrated Solutions Security Services & Risk Management
Trackforce Valiant, a provider of security workforce management solutions, announced the acquisition of TrackTik Software, a cloud-based security workforce management provider.

Minimise the cost and impact of protest activity
Thorburn Security Solutions Security Services & Risk Management Industrial (Industry)
Strikes and protest actions are common in South Africa and businesses need to prepare for the worst while working for the best outcome that benefits all parties.

SA Security becomes a part of Fidelity ADT
Fidelity Services Group Security Services & Risk Management
Fidelity ADT has announced that it has concluded an agreement with SA Security Alarms & CCTV and has taken over the monitoring and armed response contract from 1 July 2022.

Risk reduction and cybersecurity
Security Services & Risk Management Cyber Security
How should risk managers think about cyber risk? What are the main considerations and red herrings? How do you know you’re mitigating cyber risk?