I read a lot of BCM-related websites, and I am subscribed to too many mailing lists and RSS feeds on the subject. With a lot of the content I just hit the delete key. However when the name Tim Armit comes up on on any of these sources I sit up and pay attention.
Tim speaks his mind, and his opinions are based on considerable experience and good understanding of what this BCM game is really about.
This article from Tim on Continuity Central, entitled “Have we lost sight of the bigger picture” is a must read for everybody who has any interest in BCM. Just click through and read it please – come back and read the rest of this post later if you want.
I share Tim’s despair at the state of the art of BC. But I am not surprised by the situation he describes.
BCM is not currently about the continuity of operation of a business. It has become something else – more focussed on the management system and the certification of that system than the capability to deal with an incident and recover.
In other posts on this blog I have suggested that resilience may just be BCM done properly. Perhaps BCM is a lost cause (or a lost discipline) and we need something to replace it.
It also reminds me of Nathaniel Forbes recent lament about the lack of a career path in BCM. In many ways the problem is driven by the same processes and outcomes that are not valued by the business leadership.
Over at the DRJ Blogs I responded to a post and asserted that ‘resilience’ should address economic downturns. That position was rejected as not being the province of BCM. It is not surprising to me that Tim has BC Managers from failed companies telling him the same thing.
Sure Risk Management could be considered the ‘big picture’ discipline, but BC Planning is supposed to be a mitigation for residual risk. We have become too focussed on the historic risk approach of looking at probability more than impact. Even Risk Management has changed its own focus in ISO31000 to look more at impacts.
The situation Tim describes with the UK Financial Sector is truly appalling. How long before others countries follow suit? Not long I would suggest – this will enable them to have a safe process to get compliance ticks.
Well said Tim, but I am not optimistic that too many are really listening.
What do you think?