When a person is introduced to Business Continuity Management (BCM) or Crisis Management (CM), there is a tendency to read and understand the meaning of the terms from the English definition. This is useful, but the need to be precise in the BCM field of definition is essential for developing the right strategy and plan content.
Besides affecting normal business operations, such an unplanned disruption can tarnish an organization’s image.
In extreme cases, an incident that is not managed correctly can result in significant physical or environmental damage and cause substantial injuries to employees or even death.
An incident is something non-ordinary that has just occurred in your business environment. For example, a robbery in the bank is considered an incident.
For simplicity's sake, it is a security incident, and the person responsible will be the designated "Head of Security" and the security personnel stationed at the banking hall.
If the robbery incident is "completed," which means the robbers have left the premises or been arrested, the security incident becomes a non-incident. After the police have completed their investigation, the environment will be asked to stand down.
What could happen is that the robbers had in possession of a weapon, and he or she had caught harm or even death to the staff of the bank or even the customers.
The accident is escalated as an emergency as immediate attention needs to be directed to the affected staff member or customer.
The consequence of a death or even injury will result in the bank being closed for investigation and even forensic investigation.
This will result in the closure of the bank premises, and hence, access to the premises will be denied. The definition falls under a "disaster."
Should death occur, the next of kin of the customer or staff member could sue the bank, which would become a crisis for the organisation. Remember, the bank premises are open to the public except when there is a crisis of being sued.
Here is another instalment of definition explained and contextualized to a banking environment, but it helps explain the terms better.
Hence, an event is a pre-announced large-scale activity in a specific location (near your business premises) that would lead to a disaster or crisis.
The stakeholders are made aware by a set of announcements or early indicators.
Some examples are hosting APEC meetings, the Olympics, the Formula One Race, and the WTO meetings, whereby the duration and the dates of disruption are known.
When explaining these terms, it is helpful to provide examples from your industry, like the banking examples I offered.
Contextualizing the text to your organization will enable senior management and the respective team members to develop a coordinated plan without worrying about the integration at a later stage of the implementation.
ISO 22301 Business Continuity Management System Expert Implementer [BCM-5000] | Crisis Management Expert Implementer [CM-5000] | Crisis Communication Expert Implementer [CC-5000] |
IT Disaster Recovery Expert Implementer [DRP-5000] | ISO22301 BCMS Lead Auditor [BCM-8530] | Operational ResilienceExpert Implementer [OR-5000] |
Operational Resilience Audit Expert [ORA-5000] |