Incident Response, by Phil Dibbin

Incident Response, by Phil Dibbin

Sasha asked if I could provide a blog for the Eastern BC forum and I said yep no problem, but without giving it much thought to it, but seeing the comment on the web site that the next blog post will be done by Phil Dibbin certainly helped focus the mind somewhat. 

Thinking about Business Continuity, it tends to be a catch all for everything from IT failure, fires, floods, cyber and pretty much everything in between. Headline grabbing incidents like terrorism and cyber get a lot of focus, but in practice it’s more likely something much more mundane will impact your business.  

Here in the East, with a majority of Small Medium Enterprises (SMEs), it can be easy to assume that only large high-profile companies are impacted by business-stopping or hindering incidents. The reality is that the risk of the run-of-the-mill issues like power loss, water leak are pretty much the same here as everywhere else.  In fact, coastal flooding continues to be a very real risk for many businesses in our area. The Orwell flood barrier was only completed earlier this year to address tidal flooding to Ipswich, which in Dec 2013 almost became a major issue for a number of businesses. Fortunately the storm surge just missed coinciding with the high tide in Ipswich, but that was not the case in Lowestoft.

Incidents develop differently and will require differing response and recovery actions – a leak from a clean water pipe is very different from a leak from waste pipe. In practice, when faced with an incident – whether it’s the loss of a facility such as your office, factory or data centre – how you respond in that moment is primarily driven by the immediate impact.

At 3am in the morning, when you’ve just learnt that you have lost the use of your offices your immediate response is going to be driven by the fact that your employees will turn up for work at 8.am as normal! That leaves you with a tight window to make decisions and take action; assessing the longer-term impact must come later. 

When facing an incident that is preventing your business from operating, it can be stressful and can lead to panic decisions. The key is to undertake a good initial assessment as this will highlight the immediate issues/concerns, key decisions/actions and communications. Once the initial response is over you can focus on the recovery (which will be influenced by the cause of the incident itself).

So what does this mean for those of us in Business Continuity?  Well even considering just a few critical points in advance will make your response to an incident more effective and the situation, hopefully, less stressful.

  • Understand your risk appetite – what impact will a one day, two day etc outage cause to your business? 
  • Understand the key risks to your business – loss of key people, critical suppliers etc, and critical times of month or year?
  • Have an initial response plan – identify who can do the initial assessment, who needs to be included to make decisions, issue communications etc?  
  • Have a recovery strategy – do you have alternate sites or suppliers, do you have non critical work which can be put on hold etc.

Keep an eye on the East Business Continuity Forum website as we will develop these themes to help you and your business develop/refine plans, learn from others experience and gain knowledge on best BC practice.