Content Copyright © 2020 Bloor. All Rights Reserved.
Also posted on: Bloor blogs
Bloor Research are delighted to welcome new analyst James G. Barr to the team. James will focus on business resilience, and in his first blog post discusses Mutable Business Continuity.
Recently, Bloor Research introduced the concept of the “mutable business.” Mutable means able or likely to change, a perfect adjective to describe today’s businesses which, in the words of Bloor Analyst Martin Banks, “are in a state of permanent transformation,” fueled by rapid technological advances and ever-expanding customer expectations.
Key to managing a mutable business is developing a highly adaptable, i.e., mutable, governance structure. As part of this mission, Bloor is exploding the standard business continuity model to create a new, more flexible, more responsive framework, “mutable business continuity.”
To appreciate this development, consider the present state of business continuity and how it emerged.
Business continuity is a business management discipline which provides for the continuous operation – or accelerated recovery – of critical business functions in the event of a disaster or other major business disruption.
Business continuity originated in the 1970s as “disaster recovery” and was primarily a means of protecting large corporations against the loss of their mainframe data centers. In the 1980s, disaster recovery was expanded to include the recovery of non-information technology (non-IT) functions and the term “business recovery” was adopted. By the 1990s, with the emergence of e-commerce and other real-time, customer-facing applications, the recovery industry realized that recovery, itself, was no longer an adequate objective. Especially in the financial services sector, the standard had been raised from recovery to continuous operation. Consequently, business recovery morphed into business continuity.
Notwithstanding this evolution, today’s business continuity practices do not meet the needs of today’s mutable business. For example:
- Owing to its roots, the domain of business continuity is still largely limited to the preservation of digital information and digital information systems.
- Business continuity plans normally focus on discrete events like fires and floods, which, while risky, frequently boast a low probability of occurrence.
- Business continuity plans are usually inward-looking, and do not account for supply chain contributions and vulnerabilities.
- Business continuity plans are revised at irregular intervals and tested only once or twice a year.
- Business continuity is seldom integrated with its companion disciplines, such as Security, Emergency Management, and Crisis Management.
Mutable business continuity (MBC) addresses these and other deficiencies, enabling businesses to “do business” despite a variety of adverse conditions of circumstances.
MBC Helps Safeguard All Business Resources
In addition to a business’ information infrastructure, a mutable business continuity plan prescribes how a business should respond to the loss or unavailability of core physical assets, including
- Hardcopy documents, and
- Product and Supply Inventories.
Importantly, a mutable business continuity plan also sets forth how a business should respond to the loss or unavailability of vital personnel.
MBC Expands the Definition of Disaster
A traditional business continuity plan is typically activated in reaction to a major disaster, like a data center fire. In contrast, a mutable business continuity plan is invoked whenever any major business threat manifests, including:
- Ransomware and other cybersecurity attacks,
- Active shooter incidents,
- Business partner failures, even
- Increasingly evident climate change effects.
It is this characteristic of a mutable business continuity plan that renders MBC relevant to everyday operations, not something to be “dusted off” in the rare instance of a business calamity.
Mutable business continuity prepares a business for the type of day-to-day disasters that every business will encounter.