How To

5 Ways to Build a Business Case for Business Continuity

To win support for a business continuity plan, emphasize ways it can give your company a competitive edge

By Katherine Walsh

March 20, 2008

The importance of business continuity planning is a no-brainer--if you're a security leader who already thinks in terms of security and risk, that is. But convincing business executives, who typically think in dollars and cents, of such a plan's criticality may be a tougher sell. While the fundamental importance of business continuity is fairly obvious, the reason to spend lots of money on it may not be.

If you want to make an effective business case for business continuity, you need to make its effects tangible, before disaster strikes. That means emphasizing not just the criticality of risk mitigation, but also the business value and competitive edge that a strong business continuity plan can provide. "Far too often business continuity is thought of as an expense, overhead, or something we have to do to please the auditors," says Jack Smith, vice president and manager of global IT business continuity at ABN Amro in Chicago. "Look at it as a business opportunity and a competitive advantage instead."

Of course that's easier said than done. But here are a few tips to get you started.

1) Use regulatory compliance to your advantage.

Regulatory requirements are the obvious place to start in gathering support for business continuity planning. In certain industries, regulations will define your business continuity strategy. Especially if your company is in the healthcare, financial services or insurance industry, the need to comply with regulations may dictate your thresholds for recovery.Regulations can be an asset when you're trying to get buy-in from the board of directors and other executives, says Jim Grogan, vice president of consulting product development for SunGard Availability Services, a business continuity services provider. Educate yourself about the regulations for your industry--both ones that are in existence and those that may be on the horizon.

2) Aim to create a business continuity plan that reflects your company's culture.

As you get started, step outside of yourself and your own ideas and appreciate that business continuity means different things to different people, Smith advises. The type of business continuity plan you design and how you sell it will be influenced by your company's culture and organizational structure. Understanding this cultural landscape will help you craft a plan that is less likely to meet resistance from other parts of the business.

"Take a look at the various departments that make up the business," Smith says. "What are their priorities? What business functions are the most important? That's a great place to start."

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WHITE PAPER
Maximizing Site Visitor Trust Using Extended Validation SSL

VeriSignNow with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.

» Read the Paper

Featured Sponsors
Sponsored Links

Manage your IT more effectively

Simplify your data center with Juniper Networks. View the webcast

Understanding Data Location is Imperative for Data Loss Prevention

CA's IT Security centralizes your identity management to turn security into a proactive, business-building tool

Any company can promise identity protection. Only Debix can prove it

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

The Case for Business Software Assurance ~ Securing Your Applications

Maximizing Site Visitor Trust Using Extended Validation SSL

Solving Online Credit Fraud Using Device Reputation

Get in Compliance With Government Data Regulations

Efficient - Flexible - Compliant

Enabling Compliance with Converged Mainframe Security and Storage

Taking the Botnet Threat Seriously

Secure your virtual and physical environments with the same software

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

When Customer Relationship is Everything, Businesses Bank on SSL Solutions

Managing SSL Security in Multi-Server Environments

The Latest Advancements in SSL Technology

How to Offer the Strongest SSL Encryption

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

5 Steps to Secure Outsourced Application Development