Call 020 8651 7420  Email 
Risk insights business interruption
18 July 2022

6 steps to developing a business continuity plan

To protect your not-for-profit organisation or business from unavoidable interruptions, it’s important to have an effective business continuity plan (BCP) in place. At a glance, this should serve the following purposes:

  • To protect employees and personnel
  • To prevent environmental contamination
  • To protect revenue, assets and information
  • To prevent loss and to contain loss that occurs
  • To protect your reputation

Review the following guidance for an outline of steps that you can take to develop an effective BCP and minimise business interruptions.

1. Determine the risk

When determining the potential risks for business interruptions, consider both environmental risks and human risks. Additionally, consider which risks are preventable and which are not.

Once the risks are identified, you can begin to understand all elements involved, such as the hazard itself, the assets at risk, vulnerability to the risk and the ultimate impact of the risk. To be best prepared, rank each risk according to the likelihood of occurrence and the severity of impact.

2. Calculate the cost of interruptions

After the risks have been ranked, analyse the impact of each risk. In calculating cost containment, the following should be considered:

  • Lost sales or income
  • Increased expenses
  • Regulatory fines or contractual penalties
  • Potential business delays

3. Understand your insurance cover

The next step would be to review your insurance cover. Business interruption insurance generally comes into effect in these circumstances:

  • Physical damage (e.g. fire or flood) to the premises causes suspended operations.
  • Damage to property that is covered by the policy prevents customers or employees from accessing the business.

Since business interruption cover can differ significantly, it is important to understand the policy terms, such as exclusions, extensions, cover limits and indemnity periods. Be sure to review your policy carefully with your specialist insurance broker to ensure bespoke cover for your unique business needs.

4. Implement steps for prevention and mitigation

There are three different approaches for controlling and containing potential hazards:

  • Prevention: This method identifies preventable hazards and implements steps to avoid occurrence of the hazards.
  • Deterrence: This method identifies potential criminal activities that create business hazards. Steps are taken to prevent the criminal activities.
  • Mitigation: This method identifies hazards that cannot be prevented. Steps are taken to control and contain the hazards in case of an occurrence.

5. Create a crisis communication protocol

As part of your BCP, it’s important to establish a crisis communication protocol to provide employees and customers with updates and critical information. The protocol should include the following:

  • A chain of command allows for information to be shared efficiently and ensures that all personnel receive proper information in the event of a disaster.
  • Pre-scripted messages to eliminate confusion by pre-scripting messages that will be shared with customers, employees and the public in the event of a disaster.
  • A bi-directional communication network allows for communication to occur in multiple directions to efficiently pass information in the midst of a disaster.

6. Prepare an incident response plan

In addition to a crisis communication protocol, your BCP should include an incident response plan to ensure your organisation is prepared to respond appropriately and efficiently to a disaster. This plan should be practised and reviewed regularly for effectiveness. Specifically, the plan should include the following elements:

  • IT and data recovery: Implement a data backup programme to protect and recover important information. Enforce workplace policies that assist in both preventing and mitigating the impact of a data breach. Further, consider developing a separate cyber-continuity and incident response plan with your staff to address your organisation’s unique cyber-security risks.
  • Contracts: Pre-arrange written contracts with other organisations and external suppliers to continue fulfilling commitments to customers.
  • Resources: Prepare an inventory of resources that are essential to regaining the ability to operate.
  • Testing and training: Run a test of the plan to ensure the plan is successful. Offer routine staff training to make sure employees understand their responsibilities in helping execute the plan.

By taking these steps, it is possible to minimise potential business interruption risks and limit the impact of unexpected disasters. With a Business Interruption insurance policy, you can be covered for resulting costs such as relocation, increases in rent, loss of income and publicity costs. Cover for grants and donations can also be added. Speak to your charity insurance specialist about the appropriate levels of cover for your unique risks.

Access Insurance has an average rating of 4.8 stars based on 189 customer reviews at feefo