Risk Management, Business Continuity & Disaster Recovery – C2
Although there has never been an official term defined, Risk Management (RM) is explained by the Economic times as ‘the practice of identifying potential risks in advance, analysing them and taking precautionary steps to reduce/curb the risk.’ The definition of Business Continuity (BC), by the official standard (ISO 22301), is ‘The capability of the organisation to continue delivery of products or services at acceptable predefined levels following a disruptive incident’. In layman’s terms, therefore, we can determine that RM is about attempting to avoid business disruption from happening entirely, whereas BC focuses on how to maintain functionality should a disruption occur, by predetermining what the minimum levels of staff, systems, resources, etc. are required before operations could continue within a company. Of course, no matter how much planning an organisation carries out, there is still no way to guarantee a business disruption will not take place, so albeit Risk Management is an essential practise for any organisation, it cannot be successful as a stand-alone practice. If a company wishes to prepare itself in the best way possible for such incidents, they would also require a Business Continuity Management System (BCMS). We can therefore conclude that both methods are essential for adequate preparation and protection and should ideally work together to strengthen operations against disruption.
