Resilience Ninja

Coaching and ideas to help build agile and resilient practices.

You are here: Home / BC Practice / … BCM heresy

… BCM heresy

Heresy : “a controversial or novel change to a system of beliefs, especially a religion, that conflicts with established dogma.” (Wikipedia)

Dogma : “is the established belief or doctrine held by a religion, ideology or any kind of organization: it is authoritative and not to be disputed, doubted, or diverged from.” (Wikipedia)

The heresy being considered here is contained in the latest addition to the bulging file of BCM standards – AS/NZS5050.

The dogma would appear to be the BCI’s Good Practice Guide.

For those who have not read it, AS/NZS5050 is a recently published standard entitled “Business Continuity – Managing disruption-related risk”. It seeks to define an approach to BCM that is rooted in the ISO 31000 Risk Management standard.

The standard appears to have fallen foul of the Business Continuity Institute, with Technical Director, Lyndon Bird, highlighting the heresy;

  • It does not follow a generally accepted international view of BCM
  • It uses the “discredited” threats/hazards approach
    • All Hazards being discredited may come as a surprise to those of you in the Emergency Management sphere
  • The use of a BCM lifecycle, aligned with the Plan/Do/Check/Act management standards is considered a better approach than the “discredited” hazards approach.
  • The standard is just “another addition to the risk management genre.”
  • It is misguided because it appears to be aligned with the the view that ‘Resilience’ may be considered an overarching concept.
  • It is not expected to have much international impact because it is not in line with progressive BCM thinking – which is defined as being the contents of the BCI Good Practice Guide.
    • An extremely dogmatic position I would suggest.

The second last point is perhaps the key – it creates the idea that ‘resilience’ may be something bigger than Heritage BCM. That thought challenges the industry of certification and influence.

The analogy to religious history and heretics is fairly close.

Sure, AS5050 is a bit controversial. It really does contain the assertion that these concepts “in the past may have been described as ‘Business Continuity Management’ or BCM.”

But, if you have not actually read the standard, consider these points;

  • It is totally aligned with the PDCA cycle – like all of these ISO-influenced Management Systems standards.
    • It just puts different labels on the boxes.
  • It embraces the strategic aspects that apparently BCM has become (according to the BCI critique)
    • “requires a deep understanding of the operating environment as well as a detailed grasp of the organisation’s objectives and risks. Particular attention is given to those activities, reosurces, processes and dependencies that are most critical.”
    • Sounds like a fairly mainstream view of what BCM should be to me. It even includes reference to doing a BIA.
  • It does not use the BCI/BS25000 lifecycle (burn the witch!)
    • It follows the ISO31000 Principles, Framework, Process model
      • The process (in conjunction with the framework) is a lifecycle by another name.

It will require a post dedicated to the standard to go into a lot of detail about the approach. In the meantime take a look at the BCI link above, which also contains a review by Tim Janes (BCI Australasian Chapter President).

I used to be fairly opposed to the idea that BCM was a subset of Risk Management – mainly due to the way RM is practiced in most organisations. Also due to the fact that RM is really not well positioned to consider the High Impact/Low Probablility risks.

What changed my thinking in this space was looking into the concepts of Routine and Non-routine risk and management. This was the subject of the first post in this series (back in March) – and it is also the key to understanding the value and contribution of AS5050, and perhaps how risk and BC can peacefully live together.

How these two relate to resilience? A topic for another day.

Challenging accepted thinking, is that heresy or just thinking outside the square?
How do we innovate or make any breakthrough in thinking if we cannot challenge the status quo?

Footnote : Photo Credit

The picture is not just random, it is a picture of a statue of Michel de Montaigne – recognised for establishing the popularity of the essay and regarded as the father of Modern Skepticism.

He is also credited with posing a question I have been known to use myself. “What do I know?”

de Montaigne was also considered an heretic by the religious authorities of his time.

Leave a Reply

Your email address will not be published. Required fields are marked *