Business continuity planner
The Business Continuity Planner is responsible for ensuring that there are plans in place for an organisation to continue to function in the event of a disaster or catastrophic event. A business continuity plan should not be considered a one-off plan, it should be considered a living document, that is updated as changes within the organisation occur. The whole plan should be reviewed and tested at least once each year. The aim of a business continuity plan is to ensure that the business can continue to provide basic services till a business as usual state can be recommenced.
The business continuity planner will lead key stakeholders within the organisation through a process where potential risks to the organisation will be identified. These risks will include range from natural and environmental risks through to technological failures and security breaches. Once potential risks have been identified, then each risk requires a mitigation strategy.
When the risks and related mitigation strategies have been identified, the business continuity planner will then clearly document each risk, the related mitigation strategy and the person(s) within the organisation who have responsibility for ensuring the strategy is enabled. The final step of the business continuity plan is to implement the plan by running a trial of the processes and procedures that have been documented. This may lead to changes in the plan as the processes identified may not meet the needs of the business.
A business continuity planner exhibits a combination of capabilities from the Skills Framework for the Information Age (SFIA) and the Leadership competencies for Queensland.
Within the SFIA profile, the business continuity planner has level 5capabilities, i.e. ensures and advises on the skills outlined below.
Refer to the framework for descriptions of the seven levels of responsibility and accountability.
|SFIA skills||SFIA skill code||SFIA skill level of responsibility||SFIA skills level descriptor|
|Consultancy||CNSL||5||Takes responsibility for understanding client requirements, collecting data, delivering analysis and problem resolution. Identifies, evaluates and recommends options, implementing if required. Collaborates with, and facilitates stakeholder groups, as part of formal or informal consultancy agreements. Seeks to fully address client needs, enhancing the capabilities and effectiveness of client personnel, by ensuring that proposed solutions are properly understood and appropriately exploited.|
|Business risk management||BURM||5||Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business. Refers to domain experts for guidance on specialised areas of risk, such as architecture and environment. Co-ordinates the development of countermeasures and contingency plans.|
|Continuity management||COPL||5||Leads the development and implementation of a continuity management plan. Identifies information and communication systems that support the critical business processes and manages the relationship with specialists with authority for those systems. Evaluates the critical risks associated with systems operation and identifies priority areas for improvement. Designs and implements a testing strategy to ensure that continuity plans and procedures address exposure to risk and that agreed levels of continuity are maintained.|
Leadership competencies for Queensland describes what highly effective, everyday leadership looks like in the sector. In simple, action-oriented language, it provides a common understanding of the foundations for success across all roles. The profile describes three performance dimensions (vision, results and accountability) and 11 leadership competencies required against five leadership streams.
Leadership streams are not connected to a level or classification, but rather reflect the balance between leadership and technical skills required of an individual. Individuals can consider the value proposition of roles rather than the traditional lens of hierarchical structures or classification levels. The five leadership streams are:
- Individual contributor (Leads self and does not supervise others)
- Team leader (leads a team and typically reports to a program leader)
- Program leader (leads team leaders and/or multiple areas of work)
- Executive (leads program leaders or other executives)
- Chief executive (leads the organisation).
When developing a role description, identify the role type and then focus on the most important attributes and create a balance between SFIA skills and leadership skills.
A degree level qualification in areas such as business or information technology is highly regarded. Certification as a business continuity planner is a must.
Learning and development
There are a number of ways to develop and improve business continuity planning skills. Formal training and on the job experience are important ways to improve and develop the required skills.