Three key questions CEOs need to ask

March 2015 Security Services & Risk Management

Many CEOs tend to see business continuity management purely within the context of complying with King III and other governance codes. But, says Leigh-Anne van As, business development manager at ContinuitySA, CEOs also need to see how business continuity management can help them answer three key strategic questions.

Van As argues that CEOs need to be able to answer ‘yes’ to these questions:

• Do you know which products and services offered by your company are vital to ensuring its strategic objectives can be met?

• Is your organisational structure aligned to the company’s strategic objectives?

• Do you know exactly which resources (including human resources) are required for the company to achieve its strategic objectives?

“Companies typically offer a multiplicity of products and services, but CEOs and their immediate teams need to understand which ones are absolutely vital to the company’s ability to meet its strategic targets. They also need to understand exactly which resources are essential to delivering those products and services,” she explains. “Once they have the answers, CEOs and their teams can allocate investment and attention appropriately, and optimise the company’s operations.”

Because companies often lose sight of what their core business actually is, they can find out too late that even a small disruption to a vital process can cause a major disruption to clients. Once lost, market share can be hard to regain – if at all.

“In the same vein, while every part of the business is important, not every part has the same time-sensitivity. Do CEOs properly understand the role each process plays in delivering the strategy, and how quickly, and in which sequence, each one has to be restored in the event of a disruption?” Van As asks.

CEOs also need to understand the company’s risk profile – some firms are more at risk than others. Factors here might be a high reliance on unionised labour, dependency on a single supplier, or even their location.

Those companies that don’t have the answers, or that are not confident of their correctness – and this is likely to be the case in a majority – can find/validate the necessary information from the business continuity management process.

“As part of putting a business continuity management plan in place, an initial strategic business impact analysis (BIA) should be undertaken. This helps leaders to understand very quickly the specific risks the company faces. The business impact analysis also includes a subsequent detailed analysis of how the various components of the organisation interact with each other, and their relative importance. It is even likely to identify and quantify the costs linked to failures, including lost profits. “

This kind of detailed understanding of how the company actually works, and the relative impact of the failure of each of its components, is not just useful in planning for disaster. It also provides vital information that can be used to improve the company’s normal operations and to give the CEO a three-dimensional view of how the company works.

“In short, the business continuity plan is more than insurance against disaster – it can play a key role in building, and communicating, a sounder picture of what’s important to a company’s long-term success, and help leaders formulate and implement strategy much more effectively. It can also help CEOs understand the industry context in which they are operating much better,” Van As concludes.

For more information contact ContinuitySA, +27 (0)11 554 8050, cindy.bodenstein@continuitysa.co.za, www.continuitysa.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Vodacom and SAPS launch MySAPS mobile app
October 2019 , Security Services & Risk Management
Vodacom, in partnership with the South African Police Service, will empower citizens to contribute to their own safety as well as the safety of their communities through the newly launched MySAPS app.

Read more...
Enterprise security must change
October 2019 , Cyber Security, Security Services & Risk Management
The recent wave of cyberattacks against local banks has highlighted the importance of protecting data against malicious users.

Read more...
Drones improve risk management
October 2019 , Security Services & Risk Management
Indwe embraces drone technology to help improve risk management and optimise insurance.

Read more...
Body-worn cameras transforming security
October 2019 , CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
Police Service Northern Ireland now has over 7 000 officers using 2 500 cameras covering approximately 173 000 incidents each year.

Read more...
Protecting your customers’ data
October 2019 , Training & Education, Security Services & Risk Management
Simon Murrell, head of development and executive director at BrandQuantum says companies need to protect their customers from identity theft and data breaches.

Read more...
Edwards Public Address & Voice Alarm System
October 2019 , Security Services & Risk Management, Products
Carrier has added the Public Address & Voice Alarm (PAVA) range to its fire product offerings.

Read more...
ContinuitySA offers ISO 22301 Lead Implementer course
October 2019, ContinuitySA , Training & Education, Security Services & Risk Management
ContinuitySA is once again offer its five-day Certified ISO 22301 Lead Implementer course on 18-22 November 2019 at the company's Midrand facility.

Read more...
Preparing your data for PoPI
September 2019 , IT infrastructure, Security Services & Risk Management
When it comes to protecting any information, the way data is secured across the value chain needs to be addressed.

Read more...