Four Ways to Leverage GRC Technology to Improve Business Continuity Management


Disasters are unpredictable and random. How an organization approaches Business Continuity Management to plan for unforeseen events can make all the difference between a quick and successful navigation of disruption or a lengthier and costly recovery. While disruptions from natural disasters are obviously possible (and probable), the more common problem today might be an IT failure through natural, unnatural, and sometimes deliberate outside causes.

According to recent research, organizations in the United States have been losing $1.2 trillion from IT failures every year. Worldwide, the average sum amounts to $6.2 trillion! It is these IT disruptions that are becoming the new rallying cry for modern BCM, including linking this program to your GRC solution for most efficient approach.

But if business continuity is about planning for the unforeseen and the unknown, how can an organization take steps to minimize losses?

According to Donald Rumsfeld, the former US Secretary of Defense, “[there] are known unknowns; that are to say we know there are some things we do not know. But there are also unknown unknowns – the ones we don’t know we don’t know.” In this case, Business Continuity Management is a known unknown. Crises will happen, systems will fail, and Mother Nature will strike.

Here are 4 helpful strategies to identify and manage your ‘known unknowns’ to improve Business Continuity Management:

1. Perform Business Impact Analysis –
A thorough business impact analysis (BIA) will help you identify critical processes, assets, and resources that are an essential to your organization. The BIA is essential to help uncover interdependencies across your organization, which are critical to remaining operational. It can also provide a solid foundation for establishing recovery priorities and timeframes in your plan. Understanding the upstream and downstream dependencies of these critical assets will allow you to make informed decisions on how to structure your business continuity program.

2. Test Your Plan Frequently and Make it Better –
The true effectiveness of a disaster recovery plan can only be fully understood after it has been tested. Your plan should be a living, breathing document, which is being continually validated, communicated, tested, updated, and improved. Make sure to test recovery plans against expected results, identify gaps, and continue to make adjustments to keep pace with new workflows, business applications, and technologies.

3. Report On The State Of Your Business Critical Assets –
Deliver meaningful metrics that will help aligned business continuity plans with your organization’s risk thresholds, tolerance levels, and other parameters. Reports against RTO and RPO will help you make informed business decisions and manage relevant activities to improve crisis management and recovery times.

4. Consider the Benefits of Business Continuity Management Software –
BCM software helps organizations develop planning strategies that simplify processes and manage the entire lifecycle of their continuity program. BCM software such as Rsam can automate the entire business continuity lifecycle, import existing asset inventories from any CMDBs or enterprise applications, and address the needs of information availability. A solution that is cloud-based ensures you have access during a disaster.

For more strategies on leveraging your existing GRC Platform to automate Business Continuity Management, attend the webinar on May 21, 2015.  Register at