For the IT department, the rationale for and benefits of a robust business continuity plan can seem obvious. To secure the needed funding from the c-suite however, the case can’t be made using the language of IT.
If the business side is going to fund your business continuity plan – and it really is in their best interests to do so – you need to make your case in a language they understand: the language of business. While the technology side is used to thinking in terms of security and risk, business leaders tend to take a more dollars and cents-oriented view when it comes to greenlighting investment.
Business leaders are going to want to see tangible returns, and not just if and when a disaster strikes – everyone will support the investment when everything goes wrong. To get the go-ahead now though, you want to show them the business value and competitive advantage that can be realized through a robust business reliability plan.
Here are four things you will want to remember as you make your pitch to the business side.
1. The cost of downtime
The cost of business downtime can seem like an abstract thing without numbers, so it’s important you quantify both the likelihood of an outage and what it could mean to the bottom line of the business. Research from Symantec shows the average small to medium-sized business (SMB) experiences an average of six outages every year, from cyberattacks and power outages to employee errors and system upgrades. According to Gartner, the average cost of downtime for an SMB is as much as $42,000/hour.
2. We’re increasingly reliant on data
We live in the era of big data and business intelligence, and are moving into the era of the Internet of Things. The amount of data we’re storing is doubling every year, and it’s more crucial than ever to the real-time functioning of our business, as big data solutions drive actionable business decisions, often automated, in near real time. That means the cost of being without that data is greater to the business than ever before.
3. The importance of meeting regulatory compliance requirements
In some regulated industries, the need for a business continuity strategy may be driven by regulatory and compliance requirements, particularly in the insurance, financial services and health care industries. Positioning a business continuity plan in the context of regulatory compliance can be a powerful motivator for business executives who understand the importance of regulatory compliance to the health of the business and to consumer confidence.
4. Involve ALL of the business
It’s not an information technology continuity plan – it’s a business continuity plan. It needs to go beyond keeping the lights on to understand how the business really works, and building a plan that brings alignment to security, IT and corporate policies and strategies. The plan should be developed hand-in-hand with members of each business unit to fully understand how they work and what they need from a business continuity perspective.