When a business crisis occurs, the last thing you want to do is panic. The second-to-last thing you want to do is be unprepared. Crises typically arise without warning. While you shouldn't start every day expecting the worst, you should be relatively prepared for anything to happen.

A business crisis can cost your company a lot of money and ruin your reputation if you aren't proactively prepared to handle one. Customers aren't very forgiving especially when a crisis was caused by accidents within the company or from other preventable mistakes. If you want your company to be able to maintain its business continuity in the face of a crisis, then you'll need to come up with a plan to uphold its basic functions.

Free Download: Crisis Management Plan & Communication Templates

No matter what type of business you are operating, you need to be constantly considering the possible threat of a crisis. If you want to be able to effectively manage them, then it's essential that you have a business continuity plan in place to tackle difficult or unexpected situations.

Business Continuity vs. Disaster Recovery

Disaster recovery plans are often created as part of an overarching business continuity plan. The difference is that disaster recovery plans are technical plans focused specifically on recovering from product failures, while business continuity plans manage stakeholder relationship during a crisis.

For instance, in a larger crisis — like a building being flooded — you may have lost some of your IT services. Thus, included in the larger business continuity plan would be one or more disaster recovery instructions that would focus specifically on recovering those IT services.

For example, one crisis that your business may have to respond to is a severe snowstorm. Your team may be wondering, "If a snowstorm disrupted our supply chain, how would we resume business?" Planning contingencies ahead of time for situations like these can help your business stay afloat when you're faced with an unavoidable crisis.

Business Continuity Planning

Business continuity planning is a proactive process by which a business creates a plan to address a crisis. When writing out a business continuity plan, it's important to consider the variety of crises that could potentially affect the company and prepare a resolution for each.

How often should a business continuity plan be tested?

It's simple — the more time you put into your business continuity plan, the better it's going to be. You should constantly be looking over the plan to make sure it's up-to-date with your current business processes. The larger your organization is, the more complex your systems are going to be, meaning you'll want to review your business continuity plan more frequently to ensure there aren't any overlooked gaps.

The following schedule is recommended to maximize the reliability and validity of your plan, while also minimizing the amount of time you're putting into plan review.

1. Review your checklist twice a year.

Your team will review the elements of your business continuity plan bi-annually to make sure all the responses still apply to your current status. In addition, you'll use this opportunity to ensure that each response aligns with your desired business goals.

2. Conduct emergency drills once a year.

Just like schools have fire drills, your organization should have emergency drills to prepare your staff for the steps that are laid out in your business continuity plan. This will also help when a real crisis occurs because they will have practiced the steps before.

3. Hold tabletop reviews every other year.

All stakeholders involved with the business continuity plan should meet every other year to discuss it. This review doesn't take too much time and doesn't require physically running through the steps, but it can reveal red flags that would otherwise go unnoticed.

4. Conduct a comprehensive review every other year.

Unlike the tabletop review, the comprehensive review takes a deep dive into the plan. It should look closely at cost-benefit analyses as well as recovery procedures to ensure everything is up-to-date with current business operations.

5. Mock Recovery Test: Every two to three years

This is an in-depth test in which the business continuity plan is put fully into motion to test for any weaknesses or mishaps. Since this test is time-consuming, it shouldn't occur frequently, but it will ensure all internal stakeholders are confident in the plan.

Now that we understand business continuity and its vocabulary, the next step is to learn the process of writing a business continuity plan.

1. Select a business continuity team.

Before you begin strategizing, assemble a management team to be in charge. The job of crafting a business continuity plan isn't a light one, so this group should include people who are detail-oriented and organized. Some of the roles on the team are:

  • Executive manager: This is the person who leads the writing process and is the link between company executives and the rest of the business continuity team.
  • Program coordinator: This is the team leader who coordinates all activities related to the plan, such as budgeting, development of recovery procedures, and more.
  • Information officer: This person is responsible for accessing and sharing data related to the business continuity plan.

2. Define the objectives of the plan.

What are you trying to achieve with this plan? It's important to know the end goal for your business continuity plan, whether it be resuming business processes as normal or improving the organization's reputation. When laying out the objectives, you should also consider your budget to get a sense of the resources that you're going to be working with.

3. Conduct a Business Impact Analysis.

A Business Impact Analysis (BIA) analyzes the main operations of an organization, the major resources it uses, how its operations relate to one another — a.k.a. when one function goes down, how does it affect other operations — and how long each function generally takes to complete.

A BIA is a key part of the final business continuity plan. This is where you weigh costs against benefits to get a greater understanding of which functions should be prioritized. Moving forward, you'll know where it's most important to allocate your resources when faced with a crisis.

4. Draft out the plan.

Now that you have a good idea of what to include in your plan, start by composing a first draft that can serve as a baseline. The draft should include the following aspects to ensure a well-rounded, actionable plan:

  • The purpose, objectives, budget, and timeline of the plan
  • The members of the business continuity team and their roles
  • All of the important stakeholders that are involved in the business continuity plan
  • The Business Impact Analysis
  • Proactive strategies that will be put into place to prevent crises
  • Reactive strategies that will immediately respond to crises
  • Long-term recovery efforts
  • Training and testing schedules for proactive preparation

5. Test the plan for gaps.

Of course, you should immediately test your plan. Start with communicating with each member of the organization who would play a role in the business continuity plan. After a brief training in the steps they must take, conduct a mock recovery test that can put the plan into action. Make note of any gaps in the plan.

After testing is complete, correct any flaws you find in your plan. Keep testing and implementing changes until you're satisfied with the final result. This completed plan, however, isn't permanent as it will likely undergo changes in the future as your organization adapts and grows. Thus, it's important to keep testing your plan if you want to be properly prepared for a crisis.

Business continuity planning isn't a one-time feat. Your plans need to be constantly reassessed if you want to adequately prepare for every situation. Consider adopting a business continuity management team to oversee your continuity plans and keep them up-to-date.

One responsibility that business continuity management teams have is planning for disaster recovery. Disaster recovery is a component of the business continuity plan that specifically focuses on product issues.

Now that you've learned everything there is to know about business continuity plans, use the following template to start creating one for your organization.

Business Continuity Plan Template

Name of Organization


I. Program Administration

1. [Purpose of the plan]

2. [Objectives of the plan]

3. [Budget]

4. [Timeline]

II. Governance

1. [Members of the business continuity team with their roles and contact information]

2. [Other stakeholders with their contact information]

III. Business Impact Analysis

1. [Business Impact Analysis]

IV. Strategies and Requirements

1. [Proactive strategies to prevent crises]

2. [Reactive strategies to immediately respond to crises]

3. [Reactive strategies for long-term recovery from the crises]

V. Training and Testing

1. [Training schedule for employees]

2. [Testing schedule]

For more tips on handling business crises, read about the different types of crisis that can affect a business.

crisis communication

 New Call-to-action

Originally published Mar 27, 2019 8:00:00 AM, updated March 26 2019


Crisis Management