Question

Litapi Fisheries has just finished registering with Patents and Company Registration Authority (PACRA) as a Supplier of Fish to Hotels, Boarding Schools, Colleges and Universities amongst other intended clients. The Supplying Company has been organized into Marketing, Procurement, Accounts, sales, Human Resource and IT Departments. The Chief Executive Officer (CEO) of the company has decided to start with rented office premises in the town center of Mongu town, his single light truck as the only start up transport. The IT department is supposed to maintain the IT infrastructure on which all the other departments store their information and also provide the electronic marketing support for the marketing department. In the last five years, the region which is their major source of fish has experienced droughts and floods. The fish storage facilities which have been gotten by loan from the local Radian Stores are new and use AC power which is often loadshaded, at times for longer periods.

a) The human Resource department has just hired you as their inaugural Business Continuity Manger and tasked you to come up with Business Continuity Management System specific to this company. Discuss the said Business Continuity Management System, clearly highlighting the Mitigation and Continuity Strategies.

b) Use PDCA process approach to show how this fishing company can improve its management operations.

Answer 1

a) The Mitigation and continuation strategies: Business Continuity Strategy is a phase and it is the conceptual summary of preventive (mitigation) strategies, crisis response strategies and recovery strategies that must be carried out between the occurrence of a disaster and the time when normal operations are restored. Risk mitigation strategies assess a company from top to bottom to identify potential threats and risk vectors. This includes both internal and external threats that could compromise business continuity.

• Natural Disaster: The threat of natural disaster looms large in the minds of many companies and is still the first thing many of them think of when using the term disaster recovery plan.

• Infrastructure Disruption: In many natural disaster situations, the real danger comes not from the event itself, but rather from the loss of power to critical infrastructure. This is especially challenging in regions with outdated or overburdened power grids.

• Human Error: People make mistakes. Organizations can take exhaustive steps to mitigate risks, but if they don’t take the time to think about how to communicate those processes to their employees, they greatly increase the likelihood of an incident due to ignorance, oversight, or accident.

• Cyberattack: As organizations become more reliant upon their IT networks to deliver services and manage data, they must increasingly take the risk of cyberattacks into account.

• Physical Security: While it may not get quite as much attention as cybersecurity, physical access and security still represents a critical risk vector for any organization. Having risk mitigation strategies in place that establish how data should be handled or how people should respond to a breach is certainly important, but knowing who is authorized to enter a data center and access physical hardware is just as crucial.

The business continuity plan is based on the Prevention, Preparedness, Response and Recovery format (PPRR format)

b) The process approach pushes an organization to plan its processes and their interactions. It incorporates the Plan-Do-Check-Act (PDCA) cycle and risk-based thinking, which means that any organization should manage and control the processes that make up their organizations. The processes include the interactions between these processes, and the inputs and outputs that tie these processes together. It also means that they manage these process interactions as a system. The PDCA cycle enables an organization to ensure that its processes are adequately resourced and managed, and opportunities for improvement are determined and acted on. Thus, by following this fishing company can improve its management operations.