“Would you tell me, please, which way I ought to go from here?”
“That depends a good deal on where you want to get to,” said the Cat.
“I don’t much care where–” said Alice.
“Then it doesn’t matter which way you go,” said the Cat.
“–so long as I get SOMEWHERE,” Alice added as an explanation.
“Oh, you’re sure to do that,” said the Cat, “if you only walk long enough.”
(Alice’s Adventures in Wonderland, Chapter 6)
Still pre-occupied with the subject of Luc Klein’s excellent article “Is Business Continuity Management a Misnomer?” – which I started to discuss earlier in the week.
In particular I think we need to understand why we may have arrived in the current predicament, so we do not repeat it.
Secondly we need to think about what the way forward may be – and the kind of risks and obstacles we may find along the way.
I have been knocking around in this space since there was only IT Disaster Recovery, and I would offer the observation that we are here because people have spent 20 years just changing the title on their business cards – and 20 minutes thinking about the why and how of what we are doing.
Check out this debate on LinkedIN “Is Business Continuity Fact or Fiction?“, which I have referenced before, which relates to John Orlando and David Lindstedt‘s idea to reform the trade by academic study and discourse. I think Luc’s paper could stimulate some of this debate.
Perhaps an important part of why we have become so operationally focussed, is because that is the organisational level and perspective of most people who practice this BC trade. Sure the Good Practice Guide and the Standards have grand and strategic statements. But they are implemented and practised by people at operational levels, not normally by Senior Managers and Executives.
We are also too constrained by the Business Recovery Planning mode of thinking. Here is another of the misnomers in BCM – plans are the outcome of a planning process, not the outcome of management. BCM should not be defined by plans, or how to use them.
Consider these comments from Rick Nason, who blogs about risk but the same could be said about BC. I added the emphasis;
… it is my liberal arts undergraduate degree that I consider to be the most valuable in my development as risk manager. I believe that the ability to think in liberal arts terms as well as mathematical terms is the new black in risk management. Knowledge of risk techniques is a commodity.
The ability to think and implement risk management is the value added, and in order to think and implement risk you need to understand a variety of aspects of risk – some quantitative but most qualitative. Additionally you need to be creative and flexible in your thinking.
To move on, down a new road, we are going to need new skills. Again not a new topic for discussion here. In December 2009 I reviewed an article from the BCI’s Continuity Magazine on the need for new skills in BCM. The authors were BC practitioners from Deloitte’s. The new generation BC Manager must be able to;
- engage more effectively with a broader range of stakeholders
- influence strategic decision making
- understand a broader range of risks and risk appetites
- analyse business activities and their dependencies and help determine business priorities
- have a much stronger grasp of technology
- manage project or programme delivery more effectively
In short, they need to be considered a partner by Executive Management in the business lines. This is also a requirement to be admitted to the risk domains of Strategy and Finance that Klein discusses.
A similar idea is argued by John Stagl, who I had the pleasure to meet at WCDM in Toronto a couple of months back. Stagl also promotes the need for BCM to include all the things that lead you to go out of business, including Financial. There is a post titled “… new age continuity” that talks about Stagl’s argument in more detail, but I summed it up like this;
Stagl’s view of Business Continuity and how it differed from Disaster Recovery. BC is the continuous, proactive approach to ensuring that your organisation stays in business continuously. Its focus is not limited to disruptive events, but would include financial and markets changes.
I believe we need to move down a new path that embraces the wider range of risks, not just the physical and operational disruptions that currently constitute the domain of BCM.
We are not going to be accepted to do that without an influx of new, and more highly regarded skills.
To go there we may need to be ready to deal with the potential of a situation where there are two-tiers of practice, and with it two tiers of training, experience and remuneration.
As an example I would suggest thinking about Accountants and Bookkeepers – or even Doctors and Nurses. Each have different roles, and they get different levels of respect and remuneration. Issues of equity and comparative effort are not overly relevant to the point here.
I may well be voted off the BCM island for saying this, but it has been some time since the tribe spoke in the comments of this blog.
Which road do you think we should take?
How else could BCM be engaged to address Strategic and Financial disruptions?
If you are a member of the LinkedIn BCM & Risk Group, then you can also join a conversation on this subject there.
Here is link
http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&discussionID=66985446&gid=108192&commentID=49785975&goback=%2Eamf_108192_82601&trk=NUS_DISC_Q-subject#commentID_49785975