Identify Critical Business Functions
eBook 1: Chapter 10
![BCM [E1] [C10] Identifying Critical Business Functions Banner](https://blog.bcm-institute.org/hs-fs/hubfs/BCM%20E1%20Blog%20Banner/BCM%20%5BE1%5D%20%5BC10%5D%20Identifying%20Critical%20Business%20Functions%20Banner.png?width=1920&height=384&name=BCM%20%5BE1%5D%20%5BC10%5D%20Identifying%20Critical%20Business%20Functions%20Banner.png)
What are the Singapore Institute of Technology’s Critical Business Functions Concerning Business Continuity Management?
Introduction
Business continuity management (BCM) requires organisations to identify and safeguard the activities that must continue, without unacceptable interruption, during a disruption.
Under ISO 22301:2024, organisations are required to determine critical business functions (CBFs) — also known as prioritised activities — whose failure would cause significant operational, financial, legal, reputational, social, or contractual consequences.
For the Singapore Institute of Technology (SIT), identifying CBFs is essential to ensuring that academic delivery, campus operations, industry collaboration, and institutional obligations continue even under adverse conditions.
As Singapore’s university of applied learning, SIT has unique continuity dependencies arising from its integrated work-study pedagogy, applied research activities, industry partnerships, and the physical clustering of academia, industry, and community in the Punggol Digital District.
Purpose of the Chapter
The purpose of this chapter is to define and document the critical business functions (CBFs) of the Singapore Institute of Technology (SIT) in the context of business continuity management.
Under ISO 22301, the identification of CBFs is a foundational requirement, as it provides the basis for prioritising resources, determining recovery strategies, and ensuring that essential university operations can continue or be resumed within acceptable timeframes during a disruption.
The objectives of this chapter are to:
- Explain the importance of identifying critical business functions as part of the BCM framework for SIT.
- Present a structured, SIT-specific view of high-level CBFs whose disruption would lead to significant academic, operational, financial, legal, or reputational impact.
- Provide a compliant baseline for subsequent BCM phases, including Business Impact Analysis (BIA), strategy formulation, plan development, and exercise.
- Establish alignment between SIT’s mission and continuity priorities, ensuring that functions essential to applied learning, industry collaboration, research delivery, and student welfare are protected.
By achieving these objectives, this chapter ensures that BCM planning at SIT is not generic or theoretical, but directly tied to the university’s mission, risk profile, and operational realities, in accordance with ISO 22301 requirements.
Principles for Identifying Critical Business Functions (Per ISO 22301)
SIT’s CBFs are determined using the following ISO-aligned criteria:
- Impact over time if an activity is disrupted
- Regulatory, legal, or accreditation obligations
- Safety and security of learners, staff, and community
- Dependencies on third parties, digital systems, or physical assets
- Implications for academic progression and graduation
- Contractual and financial obligations
- Reputational and public trust consequences
Only functions whose prolonged disruption would create an unacceptable impact are classified as critical.
Critical Business Functions for SIT (High-Level Categories)
The following high-level CBFs are typical for SIT’s operating model. Each CBF encompasses sub-processes that will be further analysed in the BIA phase.
|
CBF Code |
Critical Business Function |
Description |
Key Stakeholders |
Impact if Disrupted |
Recovery Priority |
|
CBF-1 |
Academic Programme Delivery and Assessment |
Delivery of lectures, tutorials, and practical sessions across undergraduate and postgraduate programmes, including applied learning modules. |
Students, Academic Staff, Partner Universities |
Severe disruption to learning continuity, accreditation timelines, and student progression. |
High |
|
CBF-2 |
Digital Learning and IT Infrastructure |
Operation of Learning Management Systems (e.g., Moodle), student portals, email, and network connectivity supporting remote and blended learning. |
IT Services, Students, Faculty |
Immediate impact on online learning and communication; potential academic standstill. |
High |
|
CBF-3 |
Student Administration and Support Services |
Management of admissions, registration, examinations, financial aid, counselling, and career guidance. |
Registry, Student Life, Finance |
Delays in student enrolment, financial support, and academic record management. |
High |
|
CBF-4 |
Industry Partnership and Work-Study Programme Coordination |
Coordination of industry attachments, applied research projects, and collaboration with partner organisations. |
Industry Partners, Students, Faculty |
Reputational impact; breach of partnership commitments; loss of learning opportunities. |
Medium |
|
CBF-5 |
Campus Operations and Facility Management |
Maintenance of classrooms, laboratories, and critical utilities (power, water, safety systems). |
Facilities Management, Campus Security |
Health and safety risks; loss of physical learning spaces and campus operations. |
High |
|
CBF-6 |
Finance and Procurement Management |
Execution of payments, budgeting, payroll, and procurement of essential goods and services. |
Finance Office, Vendors, Staff |
Financial delays, payroll issues, and inability to fund ongoing operations. |
Medium |
|
CBF-7 |
Information Security and Data Protection |
Safeguarding of student data, research information, and institutional systems from cyber threats. |
IT Security, Data Governance Office |
Potential data breaches, loss of trust, and regulatory non-compliance. |
High |
|
CBF-8 |
Leadership, Governance, and Crisis Management |
Strategic decision-making, communication, and coordination during disruptions. |
President’s Office, BCM Committee, Communications |
Lack of direction and communication could exacerbate crisis impact. |
High |
|
CBF-9 |
Research and Innovation Activities |
Ongoing research projects and industry collaborations in applied science and engineering. |
Academic Departments, Research Partners |
Project delays, funding losses, and reputational damage. |
Medium |
|
CBF-10 |
Communication and Public Relations |
Management of internal and external communications, including media relations during disruptions. |
Corporate Communications, Students, Public |
Misinformation, reputational harm, and stakeholder confusion. |
High |
Interdependencies and Support Processes
Each critical business function relies on shared support services such as:
- Human Resources Management – ensuring staffing continuity and welfare.
- Information Technology Services – providing digital infrastructure resilience.
- Campus Security and Emergency Response – safeguarding people and assets.
- Vendor and Outsourced Services – sustaining utilities, maintenance, and outsourced teaching support.
These dependencies are mapped in SIT’s Business Impact Analysis (BIA) matrix to ensure a coordinated recovery sequence across departments.
Alignment with ISO 22301 Requirements
The identification and maintenance of critical business functions directly support several key clauses in ISO 22301:
|
ISO 22301 Clause |
Requirement |
SIT Implementation Example |
|
8.2.2 Business Impact Analysis (BIA) |
Identify activities that support products and services; assess the impact of disruptions. |
SIT conducted BIA workshops with each school and administrative office to prioritise critical functions. |
|
8.3.2 Business Continuity Strategies |
Establish strategies to ensure continuity of critical functions. |
SIT adopted a hybrid teaching model (on-campus + digital platforms) to maintain learning during disruptions. |
|
8.4.1 Business Continuity Procedures |
Develop and implement plans to restore and recover critical functions. |
Departmental BCM plans were developed for academic delivery, IT, and student administration. |
|
9.1 Performance Evaluation |
Monitor and review the effectiveness of the BCM system. |
SIT conducts annual drills simulating IT outages and campus access disruptions. |
![[BCM] [Thin Banner] Summing Up](https://blog.bcm-institute.org/hs-fs/hubfs/BCM%20Generic%20Banner/%5BBCM%5D%20%5BThin%20Banner%5D%20Summing%20Up.png?width=1920&height=250&name=%5BBCM%5D%20%5BThin%20Banner%5D%20Summing%20Up.png)
Following ISO methodology, these CBFs will be further analysed in the Business Impact Analysis (BIA) phase to determine:
- Maximum tolerable downtime (MTD)
- Recovery time objectives (RTO)
- Minimum operating requirements
- Dependencies and recovery priorities
By first establishing these CBFs, SIT lays the foundation for a BCM programme that protects academic integrity, operational resilience, and trust in its applied learning mission.
More Information About Business Continuity Management Courses
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [B-3] course and the BCM-5000 Business Continuity Management Expert Implementer [B-5].
![Register [BL-B-3]*](https://no-cache.hubspot.com/cta/default/3893111/ac6cf073-4cdd-4541-91ed-889f731d5076.png)
![FAQ [BL-B-3]](https://no-cache.hubspot.com/cta/default/3893111/b3824ba1-7aa1-4eb6-bef8-94f57121c5ae.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
