One in four firms lack business continuity plans

Stan Beer
Friday, 20 May 2005 04:50

IT Industry - Development

More than a quarter of firms (28%) have no formal plans to protect them against disasters caused by terrorism, natural disasters or systems failures, according to a new survey.

The survey and report on business continuity planning from AT&T and Cisco Systems in co-operation with the Economist Intelligence Unit revealed the result, despite the fact that 28% of firms in the survey admitted they have already experienced a full shutdown of key business operations as a result of a disaster in the past.

Conducted by the Economist Intelligence Unit, the survey asked 240 senior executives worldwide to comment on their firms' capabilities in business continuity planning. The research report defines business continuity planning as strategies and processes which enable firms to survive incidents and threats such as electronic security breaches, natural disasters or terrorism.

The research reveals that many firms are sceptical about their ability to manage threats to their most valuable assets. Less than half of the survey participants are confident that their organisation is able to fully protect their business from threats to digital assets (for example IT systems and data) and general infrastructure. Only 48% are confident they can ensure the safety of their employees in the event of a disaster.

US firms are most likely to have business continuity plans in place, according to the survey. However, even those firms that do have a business continuity plan often fail to test them with sufficient regularity: less than half of companies surveyed had tested their plan in the past 12 months.

"This report should serve as a wake up call to business," says Steve Lowe, Vice President, AT&T Business, Asia Pacific. "As business becomes ever more network intensive with IT systems increasingly the central nervous system of the corporation, the risks of even a minor disruption having a huge impact across the business and through out the supply chain get even greater. It's vital that every enterprise has in place a reliable, robust and scalable business continuity plan; increased regulatory exposure and financial accountability demands that this is not a topic senior executives can afford to ignore. With threats as diverse as cyber attacks through to climate changes all adding multiple layers of complexity there is an imperative to have in place the preparation to prepare for the unexpected."

The report, which includes interviews and case studies on best practice in business continuity planning as well as a full analysis of the survey results, suggests that many firms believe business continuity is important. However, most firms have made slow progress in putting adequate measures in place to safeguard their firms against a wide range of threats. The report concludes that firms will come under increasing pressure from shareholders, regulators and insurers to demonstrate more robust business continuity plans in the near future.

"These survey results show that there is much effort required before companies can feel confident they have done all they can to identify and put in place the measures needed to secure their people, their offices, and their intellectual property," says Robert Lloyd, president of operations in the Europe, Middle East and Africa region, Cisco Systems.