Do we need a Business Contingency Plan after an IT Outage?
Denis Chircop MBA
Head of Quality, Health, Safety and Environment at MMH Malta Ltd.
How many firms have a business continuity plan in place?
Although societies, in general, both locally and abroad, except those that had flights scheduled on the 19th of July had no idea what was going on, large companies listed in Fortune 500 are still struggling to rectify the damage caused by what described as the largest IT Failure in history. Insurers estimate that the update will cost these companies around $5.4bn.
Ironically, this update was intended to protect IT systems.
All the turmoil caused at the airports after grounding thousand of flights, at hospitals after major operations could not be performed and online transactions immobilized through major banks worldwide, was a result of a faulty update from a multibillion-dollar company- CrowdStrike. Ironically, this update was intended to protect IT systems.
How many firms have a business continuity plan in place? Apart from the healthcare, finance and government entities which are the most susceptible to face legal and financial consequences and are required by law (not in all countries) to have a business continuity plan. I would say without any doubt that more than 95% of the local companies do not have any form of plan. I am not including the family run businesses. I might be wrong, but I do not think so. Check within your organization.
most businesses make use of an IT system and make online transactions. It is time that all firms ensure they have a business continuity plan
In any business if you want to have growth it is essential to risk. We all recognize that in business and personally we may forecast and have plans but a level of risk must be taken. Dr. Nassim N. Taleb indicated the problem is that entrepreneurs, businesspeople and managers continuously think that they will always beat the odds. In his book, ‘Antifragile’, Dr. Taleb emphasized that risk taking is healthy as long as the risk remain small and localized.
What if, or I would say. When would such an IT outage happen again but instead of taking some hours to restore back the system it would take days? Are we all ready? Are large or small organizations ready to continue doing business without internet connection?
Business continuity like business management systems must be customized according to the needs of the business industry.
Nowadays all firms whatever the size of the organization make use of any computerized system being for internal use for managing their stock, taking orders, to more complicated systems such ERP, CRM, etc. Apart from internal data these systems facilitate the coordination and connectivity with other suppliers, manufacturers, and customers. The details of businesses and personal details are continually being shared. It is calculated that the total digital transactions this year (2024) will reach more than €10.50tn.
All businesses must ensure that not only the quality of their products and services is of customer satisfaction. Organization also must ensure that the integrity and confidentiality is their top priority.
Business Continuity is about the 4P’s. People, Processes, Premises and Providers.
I assume that all big firms will be reviewing their business continuity plans and focus on one of the 4P’s. They have to evaluate the critical processes that keep the business running. They will fully assess and analyze the technologies they are operating with. They must analyze the recovery time which is a priority for today’s businesses.
As already stated, most businesses make use of an IT system and make online transactions. It is time that all firms ensure they have a business continuity plan. These plans should be structured according to the needs and complexity of the organization. Business continuity like business management systems must be customized according to the needs of the business industry.