Business continuity critical in face of uncertainties
Eddy Njoroge
The volcanic activity of Eyjafjallajökull, in Iceland in 2010 caught many businesses and governments unawares.
The consequences of the volcanic ash cloud that spewed in the Icelandic and European air space was felt far and wide.
The airline industry bore the brunt of it all. Planes could not fly and as a result, air travel and transport in various parts of world were cancelled due to the airspace restrictions.
Wider impact was also felt in businesses that rely on trade from airlines and airports.
Closer home, producers of perishable goods, such as flowers, were hit hard due to the grounding of flights.
It was estimated that the Kenyan economy was incurring a loss of $3.8 million (about Sh400 million) each day from the disruption.
Such incidents can disrupt an organisation or business enterprise any time. These disruptions can range from natural disasters like; forest fires, volcanic eruptions, flash floods among others as well as man-made disasters like; cyber-attacks, post-election violence, mutiny, terrorist attacks, among others.
Pandemics such as SARS, H1N1 Virus, Ebola and now the Covid-19 are just some of the many unexpected threats to the smooth running of any organisation or business.
In today’s world, businesses operate in an increasingly uncertain environment.
Businesses that rely on global supply chains face even more complex business environment.
The key concern for most managers is disruption of day to day operations and how to mitigate inconveniences.
It calls for robust business continuity planning to mitigate major disruptions.
Recently, there has been growing recognition of a business-led process encompassing preparations for many forms of disruption which is now referred to as Business Continuity Management (BCM).
Business continuity has evolved much more than just data retrieval because of power failure, fire incident or a computer crash as was the case in 80s and 90s.
It is important to clarify the convergence between BCM and Risk Management.
BCM is about actions required when the disruption occurs to keep the business or organisation running while risk management is about the possibility of an adverse event happening and the mitigating actions an organisation undertakes.
Incorporating risk management and BCM into wider organisational governance framework, not only gives a better view of totality of risk an organisation faces but also places it on a pedestal to understand overall exposure to business interruption and fully prepare for any eventuality.
The interplay between international Standards and management systems like BCM and risk management will be of great importance.
In recent years, International Standards like those developed by International Organisation for Standardsation (ISO) have become central to BCM and Risk management.
ISO 31000; Risk management Standard developed by the Risk Management technical committee of ISO, was previously published in 2009 updated in 2018, under the leadership of British Standards Institute.
It provides direction on how companies can integrate risk-based decision making into an organisation’s governance, planning, management, reporting, policies, values, and culture.
By implementing ISO 31000 organisations can be able see both the positive opportunities and negative consequences associated with risk.
It allows for more informed, and thus more effective, decision making, namely in the allocation of resources.
These standards are becoming widely adopted. They represent unanimity and represent globally agreed best practices.
ISO Standards are developed by a diverse range of specialists from all over the world, from all areas where the standards have an impact, such as industry, government, academia, standardisation.
Standards also provide an assessment platform if the business is ready for any interruption.
Implementing BCM standard does not necessarily offer competitive advantage but helps achieve organisational resilience during disruption.
In Kenya, adoption of BCM and Risk Management Standards can support key policies such as National Policy for disaster management in Kenya.
They can offer significant contribution to county governments on how well to prepare and manage risks in their operations.
The ability to recover, resume operations after a disruption should be an immediate concern and a key focus area for businesses in Kenya. —The writer is the president of International Organization for Standardization and board member, KEBS
