Be prepared: lessons from experiences in business discontinuity

Produced by: Socitm Insight

Type: Reports

This report draws out lessons from six case studies of local authorities, and their suppliers, who have experienced major disasters where the lack of an ICT service has disrupted business continuity.

Part A - Management of risks to business continuity  

Section 1  Introduction

Vulnerabilities are everywhere. So are threats.  Any public sector organisation could suffer a major incident.  The Civil Contingencies Act sets expectations for your readiness.  An incident could happen in your area.  It could happen at any time.  If it happens to you, expect only questions about how well you prepared, and how well you responded.

Section 2  Vulnerabilities

Organisations in the modern world are vulnerable to business discontinuity in many different ways. We have classified sources of risk into six groups in order to help organisations plan their responses to possible incidents.

Section 3  Preparation

Once disaster strikes, you can only respond and recover.  The quality of your response will owe everything to the quality of the preparation.  Although every case is different, people need to know what to do, not to ask someone else.

Section 4  Conclusions

We summarise the lessons that emerge from the experiences that we have analysed, and the many points of good practice to replicate, together with the mistakes and omissions that, with hindsight, might have been prevented.   

Part B - Responses to disasters, actual and potential

Section 5  Case studies in business discontinuity

We have selected five examples of councils, and their suppliers, who have experienced major disasters where the lack of an ICT service has disrupted business continuity. They illustrate some of the broad range of possible disasters and what happened to the organisations affected by them.  Most importantly, we identify what we can learn from the experience.

Last modified: 19th January 2010