If there is no Business Continuity plan implemented and the organization in question is facing a rather severe threat or disruption that may lead to bankruptcy, the implementation and outcome, if not too late, may strengthen the organization's survival and its continuity of business activities (Gittleman, 2013).

"Whether a large event or a small incident such as a localized computer failure, no organization is exempt from disruption. While business continuity may not prevent these from happening, or negate all of the cost, it will help reduce the impact, it will help the organization to continue operating as normal as possible and it will help reduce reputational damage." (Steve Mellish, Chairman of the Business Continuity Institute, BCI)

MindRisk Matrix
  • Policies,
    Procedures and
    Guidelines
  • Risk
    Management
  • Performance
    Management
  • Information
    Systems
  • Reporting
  • Corporate
    Governance
  • Investigative
    Forensics
  • Business
    Continuity
  • Risk
    Management
  • Does your CRO
    report to the Board?
  • Process Risks and
    Controls
  • Information
    Security Risks
  • Key Risk Indicators,
    Financial Statement Risks
  • Compliance Risk
  • Anti-Fraud measures
  • BCP Coordination Risk
  • Performance
    Management
  • Operational Risks
  • Do you have a
    Strategic Scorecard?
  • Business strategy aligned with IT Strategy
  • Rolling Forecasts
  • Governance
    Committees
  • Anti Money Laundering &
    Terrorism Financing
  • Offsite Arrangements &
    Call Trees
  • Information
    Systems
  • IT General Controls and
    Application Controls
  • IT as Business enabler
  • Does your Board understand IT Strategy?
  • Capitalisation of IT projects spent
  • Privacy
  • Detective controls
  • Minimum Acceptabe Outage (MAO)
  • Reporting
  • Dashboards
  • Financial, Management and Regulatory Reporting
  • IT spent and
    benefit realisation
  • Financial report reconciles with Management report?
  • Disclosure
  • Reputational
    damage
  • Criticality Assessment
  • Corporate
    Governance
  • Risk and Audit Committee
  • Board Composition
  • Board and the CIO
  • Internal and External Auditing
  • Is your organisation aligned with best practices?
  • Whistleblower
    protection
  •  
  • Investigative
    Forensics
  • Internal & External Fraud
  • Segregation of Duties
  • Access Controls
  • Provisions and
    Contingencies
  • Organisation capable to coordinate with local Police?
  • Penal Provisions and
    Prosecutions
  • Business
    Continuity
  • Critical Response
  • Succession
    Planning
  • Data Recovery
  • Impact Analysis
  • Incident Management Team
  • Regulatory Penalties
  • Do you have a drilled Business Continuation Plan?
If you have any questions or comments email us at bcp@mindrisk.com