Once you define the Business Continuity profile of your organization, the next element to consider is how to keep up-to-date your newly defined map.
Adopting a “buffer zone” technique and identifying the internal sub-cultures are key elements of Business Continuity.
The buffer technique will allow focusing on the “inputs” and “outputs” of the outsourced activities, so that you can build emergency procedures to be used short-term, should the outsourcing supplier become unable to fulfil the SLA.
There are two basic ways to manage knowledge: building a collection or building a thesaurus.
As described in the first issue , in our experience a thesaurus is actually a collection that keeps a connection with the source of the knowledge, as only that can ensure that the information is up-to-date.
If the connection is lost, the thesaurus becomes a collection, and any decision taken on this information will progressively increase the risk level, as any decision taken on misleading information.
Once the thesaurus and map are in place, managing the Business Continuity requires the typical structuring activities.
Incidentally, this has a side-effect on human resources management.
Often, managers promoted “from the ranks” are appointed to their new position not only because they are the most appropriate candidate, but also to ensure “knowledge continuity” with their former colleagues.
Unfortunately, after a while, their “thesaurus” becomes a “collection”, detached from reality, also if, quite often, they do not acknowledge that what they still assume to be current knowledge, a “knowledge base”, is frozen in time.
Moreover, if they fail to acknowledge this issue, they risk “short-circuiting” decision-making processes, taking on and by themselves operational decisions based on their own past experience, ignoring the current operational realities.
Yes, generalist managers, whose key expertise is in management science, have their own shortcomings, but neither choice (from the ranks, or from an MBA) is fool proof: as in any other activity involving humans, also Business Continuity requires a constant oversight from human resources, in support to management, to validate that the people appointed to coordination roles in this domain have the appropriate combination of skills and potential.
First and foremost, a proper communication path has to be defined, a path that has to be structured and maintained- also in this case, it is something closer to a programme than a mere project.
Any information affecting the Business Continuity delivered to the “thesaurus management” function of the organization must be propagated back to the organizational units that could actually be affected, for their own information and consideration.
Usually, the lack of this two-way communication structure results at best in duplicated and uncoordinated efforts to keep up-to-date, at worst in simply adopting a “wait-and-see” attitude.
If the management structure and processes are defined, then Business Continuity Management could become another tool to support the definition and implementation of strategy.
In the early 1990s, as part of a cultural and organizational change initiative, this “Business Continuity management” approach was used with a customer to minimize the number of meetings required to ensure that all the required information to develop cross-functional system in a banking environment was available to all those whose systems or organization could be impacted by a proposed change, be it of an organizational or technological nature.
At the time, before Internet, the tool used was Lotus Notes (the collaboration suite); in mid-2000s, a Wiki-like use of an Open Source platform called DotProject provided the same ability to manage multiple initiatives at the same time anywhere, anytime.
Today, there is no limit to the number of tools available, but the process and culture should drive to the right tool, not the other way around.