Where is your BCM roadmap taking your program in 2015? Do you even have a roadmap to guide your efforts? Do you find you and your team more focused on fighting day to day fires, dealing with management told you so’s or addressing client audits then setting a plan for heightened sophistication, compliance and maturity. As the old saying goes, it doesn’t matter what road you are taking if you don’t know where you are going!
We find a good number of BCM programs in all sizes and shapes of organizations with no roadmaps to direct BCM efforts across the organization. Producing a roadmap based on critical needs, sets the tone for targeted efforts that will bring the biggest return on investment of time and resources. Having a roadmap is a key component of BCM Governance Risk and Compliance (GRC). The roadmap shows due diligence was conducted in the management of the program and its risks.
But before you have created a proper roadmap, you need to have a good understanding of the state of your program. Look at the following areas of your BCM program and assess each for successes, weaknesses and opportunities for improvement:
- Program Administration
- Crisis Management
- Business Recovery
- IT Disaster Recovery
Based on your high level assessment, identify where the strengths, weaknesses and opportunities for improvement lie in each of the four areas. Prioritize findings by criticality and importance to heightening the sophistication, compliance and maturity of your program over the next twelve months.
Now create a roadmap for the next four quarters to include ongoing BCM activities (maintenance, testing steering committee sessions, etc.) plus critical areas of opportunity you identified in your high level assessment. You may not be able to get to all of them so further prioritize your list to the most important opportunities that will yield the greatest opportunity for heightened resiliency in the next twelve months.
The roadmap is not a static document; it must be refreshed on a monthly basis based on progress or changes in the environment. Its purpose is to set the tone and direction for your program, its up to you and your team to execute upon it.
Michael Herrera
Michael Herrera is the Chief Executive Officer (CEO) of MHA. In his role, Michael provides global leadership to the entire set of industry practices and horizontal capabilities within MHA. Under his leadership, MHA has become a leading provider of Business Continuity and Disaster Recovery services to organizations on a global level. He is also the founder of BCMMETRICS, a leading cloud based tool designed to assess business continuity compliance and residual risk. Michael is a well-known and sought after speaker on Business Continuity issues at local and national contingency planner chapter meetings and conferences. Prior to founding MHA, he was a Regional VP for Bank of America, where he was responsible for Business Continuity across the southwest region.
