Video Screencast Help

The PROBLEM with ‘Best Practices’ for Business Continuity

Created: 04 Oct 2012 • Updated: 04 Oct 2012 • 1 comment
dennis_wenk's picture
+1 1 Vote
Login to vote

“Best Practices” is a popular expression of the intent to manage business continuity prudently.  Best Practices are seen as a way to sidestep both the quantification of operational-risks, as well as, the objective evaluation of the cost-benefit for any proposed mitigation actions.  There are several reasons why Best Practices “Are not.” best for Business Continuity purposes.

  • It is unreasonable to assume that a best practice could optimally answer the business continuity questions for multiple organizations.  Organizations differ widely in terms of their maturity level, their technologies deployed, and their vulnerabilities. 
  • Given the wide assortment of published ‘best practices’, which of the best practices really are the ‘best’ for any particular circumstance? 
  • No organization could hope to implement all of the thousands of best practices to get it perfectly-right, and there is no way to know which best practices are most cost effective? 
  • Organization do not have unlimited resources, however, there seems to be unlimited risks.  Best practices do not help identify which risks are the most serious?

The fundamental requirement for business continuity is to (1) measure and evaluate risks objectivity, (2) determine which risks are the most serious risks and (3) then make a rational choice on how to best invest scarce resources to optimally reduce operational risk.

Comments 1 CommentJump to latest comment

jimnelson's picture

Dennis-thank you for sharing some good thought provoking ideas. I would be interested in your views on the difference or applicability of requirements, regulations, best practices, "the way we do things around here" and standards that organizations can consider for their unique needs and requirements. (I recognize these would differ from the ICT organization, the DR team, the BCM folks, Risk Management and of course the business owners.)

+1
Login to vote