Job, Career, Or Calling: Which One Do You Need?

Understanding Business Continuity Plans (BCPs)


A BCP is an important part of an organization’s risk management plans, defining any risks that may affect the organization’s operations. Risks may include natural disasters—fire, flood, or weather-related events—cyber-attacks and Centers for Disease Control incidents (COVID-19). After identifying the risks, the plan should also include the following:

  • Determining how the hazard affects operations
  • Implementing safeguards and procedures to minimize risks
  • Test procedures to ensure they are optimized
  • Reviewing the process to ensure it is up to date

BCPs are an important part of any business. Threats and disruptions mean loss of revenue and higher costs, leading to a decrease in profitability. And companies can’t rely on insurance alone because it doesn’t cover all costs and customers who go to the competition. It is usually designed in advance and includes input from key stakeholders and staff.

In the National Football League, a business continuity plan is in place when a tragedy occurs.

NFL flags


When I worked in football operations in the NFL, I was heavily involved in the risk management team. Our team knows that the NFL has a plan if a tragic plane crash event eliminates the entire team. An emergency meeting involving all 32 team clubs is planned. Team management conducts a special draft of the existing 31 clubs to draw enough players and staff to field a team to continue business operations for the remainder of the season.

Business Continuity Plan vs. Disaster Recovery Plan

Concept of business continuity and disaster recovery


BCPs and disaster recovery plans are similar; The latter focuses on technology and information technology (IT) infrastructure. BCPs focus more on the entire organization, such as customer service and the supply chain.

BCPs focus on minimizing overall costs or losses, while disaster recovery plans look at technology disruptions and related costs. Disaster recovery plans involve only IT staff—the ones who design and maintain the policy. However, BCPs have more staff trained on potential procedures.

6 Levels of Business Continuity Maturity

Concept of business continuity


How mature is your organization when it comes to business continuity? Is your business continuity management (BCM) program crawling, running, or running? From self-managing to synergistic, we’ve identified six levels of BCM maturity for most companies.


Levels 1-3 represent organizations that have yet to complete the program fundamentals required to begin a sustainable enterprise business continuity management program.

Level 1 – No original plan. A wait-and-see approach.

Individual business units and departments may manage or implement their own business continuity or disaster recovery efforts. A state of preparedness for disruptive events in a business organization is low. A business or individual department responds when disruptive events occur. No original planning involved: Business continuity recovery is reactive rather than proactive.

Level 2 – Departmental: The only one—you’re in class alone!

At least one business unit gets it. You have reached BCM Maturity Level 2 if at least one department or business unit has initiated efforts to establish management awareness of the importance of business continuity. Some functions or services develop and manage business continuity plans in one or more business continuity areas, such as:

  • Incident reporting
  • Technical protection
  • Safety instructions
  • Business Continuity

At level 2, At least one internal or external resource is assigned to support the business continuity efforts of participating business units and departments within your organization. The state of readiness for participants may be moderate but very low in most companies. Management may see the value of a BCM program, but they are reluctant to make it a priority at this point with minimal executive buy-in.

Level 3 – Collaborative: Moderate readiness, but on the way to full maturity.

Participating business units and departments have established a sophomoric program mandating at least limited compliance with their commonly agreed upon standard BCM policy, practices and procedures.

  • A BCM program office or department is established that centrally provides BCM governance and supporting services to partner departments and/or business units.
  • Still no executive buy-in; Senior management has not committed the organization to the BCM program.


Levels 4-6 represent the definitive plan for a maturing enterprise BCM program. If your business achieves level 4, you meet most of the criteria.

Level 4 – Criteria: You have reached the age of BCM Maturity.

Congratulations! Your management has stepped in and committed to the strategic importance of an effective BCM program across the organization. Additionally, there is an executable, practical BCM approach that embraces architecture, including policies and tools, to address four business continuity areas:

  • Incident reporting
  • Technical protection
  • Safety instructions
  • Business Continuity ,

Level 5 – Integrated: Almost there!

At level 5, the company meets all the requirements of level 4, which are now implemented throughout the company, adopting continuous quality improvements.

All business units completed tests on all aspects of their business continuity plan, including their internal and external dependencies.

  • The planned methods have been proven to be effective.
  • Management has bought into crisis management exercises.
  • A communications and tracking system is in place to maintain a high level of business continuity.

Level 6 – Synergistic: You have reached BCM Nirvana!

You haven’t just conquered levels 4 and 5. It’s yours! As an official business continuity guru, you have:

  • Advanced business protections are in place and have been successfully tested.
  • Innovative approaches, practices and technologies are up and running in the BCM program.,

Leave a Reply

Your email address will not be published. Required fields are marked *