Business continuity plan involves the employment of time and resources in analysing the functions within the organization, and thus assess their criticality. First of all, it is crucial to analyse critical and essential functions of the business.
Criticality and Materiality are a term haphazardly used in business. How is this measured and how does this make that everyone knows and understand the importance of Criticality and Materiality.
There is the possibility of delaying the process of dealing with necessary and desirable functions until later stages of business recovery.
Understanding Business Impact Criticality / Materiality
There are four (4) Criticality Impacts which needs to be addressed. These four criticality functions are described below:
Mission-Critical Functions
This includes the functions within the organization that play the greatest role on operations and potential for recovery.
The functions that must be present in order for the business to continue existing are the mission-critical functions. One possible way for organizations to make their members focus on mission-critical functions is to ask them what are the three to five things that such members would do if their department encountered a business disruption.
By following such a method, a clear view of the mission-critical business functions in each department is provided. For instance, from an IT perspective, the network system or application outage are the
mission-critical functions that if damaged would place the existence of the organization in a high danger predicament. The recovery time provided for such mission-critical functions is very low, usually expressed in hours.
Vital (Essential) Functions
There are certain functions that are extremely important but should be addressed immediately after the mission-critical functions. For instance, the payroll may be considered vital or essential, which is not necessarily the one function that can bring the business immediately back up after disruption, but it is vital for the capacity to function after the disaster recovery stage.
Note:
There are organizations that do not distinguish between mission-critical and vital or essential function. Those particular organizations are not forced into using this category. They may end up with just three categories: mission-critical, important and minor.
Important Functions
Such functions do not stop the business from operating in the near term, but if not present in the long-term, may have impact on the way the organization preforms as a whole. For instance, from IT perspective, important functions are e-mails, internet access, or databases that are employed to support business functions. The tolerable time for such functions to recover is usually measured in days or weeks.
Minor Functions
Minor business processes are not usually required in the near-term and during business operations recovery; however, they need to be recovered over the longer term.
Minor functions can disappear after certain disruptions, and the organizations do not need to get worried if this happens. In the eyes of many, business disruptions can positively impact these minor business functions, as they may be revised and improved after a disruption.
The Way forward: For Professionals, By Professionals
Crest Advisory Africa (Pty) Ltd is an internationally recognised and accredited Training, Advisory Services and Management System Certification (MSC) entity specialising in Management Systems, whether ISO (Internationally), to King IV or Sorbian Oxley (SOX).
CAA is a Platinum Accredited Partner of the Professional Evaluation and Certification Board (PECB), based in Canada, under licence of the International Accreditation Service (IAS) (California). This Elite status and accreditation represent the professionality CAA addresses every assignment.
We provide all the various end to end services to drive business, which includes a variety of Management System Toolkits, specifically designed for each standard.