Research from Assurance and ClearView indicates that organisations understand business continuity (BC) is a high or medium priority, but barely more than 50% of organisations leverage BC advisory or consulting services.
1123 business professionals from across the globe participated in the inaugural Business Continuity Benchmark Study, of whom 19% were located in the Pacific rim.
Of all respondents, 76% indicated that BC is a high or medium priority. Furthermore, 14% believe that senior executives class BC as a situational priority – that is, only important during or after a crisis.
Participants provided insights into their priorities, objectives and challenges, in addition to program maturity, sources of confidence, ROI measures and technologies used.
According to 83% of respondents, ensuring continuity of operations during a crisis is the top priority in their crisis response strategies. This is followed by ensuring employee safety during a crisis (80%), ensuring continuity of key IT systems during a crisis (77%), and minimising the impact to customers as a result of business disruption (74%).
Lower priorities include reducing overhead costs like D-O insurance premiums, and ensuring preparation for external audits.
Respondents noted that the most successful initiatives included ensuring continuity of operations during a crisis (61% say it was successful), followed by ensuring employee safety during a crisis (45%), and minimising the impact to customers as a result of business disruption (42%).
“This report is a shining example of our commitment to leading innovation in Business Continuity,” says Assurance Software chief executive officer Craig Potts.
“In the inaugural BC Benchmark Study, our researchers exposed a variety of interesting findings, some anticipated and others more surprising. We are proud to share this with the industry at large to use as an aid to both individual and collective efforts in continuous improvement.”
Respondents that the most persistent challenges to BC programs include supply chain and third party risks; an evolving risk landscape; cyber risks; and lack of executive support.
When asked what organisations include within the scope of BC plans, respondents cited IT and operations (93%), followed by human resources (85%), information security (80%) and finance / accounting (78%).
However, organisational functions are seen as lower priority. Payroll was the function most often included: 68% of respondents included this, closely followed by operational risk management at 67%. Another risk-oriented function, enterprise risk management, was only included in the scope of 60% of BC plans.
The study says that BC as a defined practice is now in its fourth decade, yet according to the results of the study, only 9% of participants indicate that their BC programs are “very mature”.
A further 27% said BC in their organisations is “mature” and 33% said it is “reasonably mature”.