Ships log: Monday
An ancient, lever-arched folder has been discovered in the arms of a body which has been drifting in a life boat for weeks out on the ocean. The outer layer of the big black, 2 ring folder has been badly beaten by the sea water and the sun; but it has been robust enough to still retain some shape and identity.
“Look captain…It’s a folder” shouts one of the crew members. “What the hell could be inside that?” she asks with a trembling fear in her voice
The captain slowly reaches down with one of his long arms; his sleeve is rolled up just above the elbow revealing his faded Ibiza tattoo as it emerges in the midday sun. His other hand covers his loaded weapon (gun) just in case the scary looking folder wakes up.
He gently prises the folder from the clasped hands of the deceased operative; the poor worker never stood a chance and his frozen stare is one of horror.
“God rest his soul” shouts the Head of HR from behind her desk. “Make sure we inform the next of kin and tell recruitment to pop an advert in the job centre by 5 please”
The captain takes his well-manicured hand and wipes the sea salt and barnacles off the front of the lever arch folder. He lowers his head slightly to get closer to make out the label on its cover as his eyes aren’t as good as they once were.
“Oh…my…god” he slowly whispers….
“It’s the Business Continuity Management Policy!
We thought we had one but no one has ever seen it” he says with disbelief and trepidation in his voice.
“But captain…we thought that was all a legend? An ogre! An ancient story told to keep the Board of Directors and the Chair from falling asleep. It can’t be real can it captain? Please don’t bring it on board the ship boss” says Tim the Head of Operations.
“There is no telling what damage it could do to the C-suite executive bridge and the rest of the crew below decks if you open it”
As the captain slowly opens the file to reveal its sinister looking core, just how will the story unfold?
Suddenly….from within the pages comes an almighty deafening….ROOAARRRR!
The analogy of the story
I loved the King Kong story from being a lad. I remember watching the old 1933 black and white movie on tv as a child and being frightened to death by it. It was in the days when such films made a once a year showing (if we were lucky) late at night. Long before multi-channel movies and Netflix (other packages are available).
It was only in later life, when I became more experienced, did I realise the ethical and moral issues of the film and its story line. I’ve watched some of the remakes over the years but to be honest, I kind of know what is going to happen and somethings, are best left where they were.
So, what about the BCM Policy and its connection with this story? Well it kind of seemed a good way to tell the story of what is often found when undertaking BC audits and reviews.
The mythical BC Policy
Some are exceptional and some, can be the exception! Some were clearly developed by following just what the guidelines says; just taken word for word from a book by the then BC lead in the organization and it may even have received the board level approval during it’s early years.
Then it was put ‘in the cage and on display’ in front of paying audiences and visitors. Even various inspectors of some other part of the regulatory and legislative bodies may have been charmed by the assurances and sight of the trusted policy folder. It looks good. Strong. Powerful and mighty. Mighty Joe Resilience!
But in reality, some of them were and remain, ‘paper policies’. They had some of the wording, and the intention but they have no teeth. No real ‘roar-ability’ (I made that word up, but then again some policies look like they’ve been made up!).
Apart from the fact they could come back and bite the board members on the ass!
Sometimes the BC lead had just been left to get on with it, with little early support and buy in and they just copied what someone else did or got a copy of the good practice guidelines and did their best.
#copyandpaste or ‘have you got this in word please?’
And sometimes it’s the fault of the organization as a whole for not quality assuring the process fully. Sometimes an expensive consultant had been brought in to construct an elaborate looking policy. It looked amazing on the but what was actually underneath. All fur coat and no knickers.
People say and think they need a BC Policy because that is what the legend tells them to believe; and they do need one if they want to follow the spirit of good practice or of course, achieve accreditation.
But not all businesses and organizations warrant a policy; simply because it is not worth the effort and time when their size and complexity simply just requires a plan of action of what to do if something went wrong.
Many BC Policies give that ‘air of assurance’ and ‘reassurance’ of the intention, implementation and effectiveness of its strategic direction and delivery. But some policies remain a legend in their own file space. The mythical beast of protection and resilience.
The mother of the BC Plan for when the stuff hits the fan.
Beauty and the Beast; happy ever after
Like the legend of Kong, beauty and beast comes to mind. The BC Policy, in the right format and style for the right organization, is amazingly powerful and a thing of beauty (let’s not get too carried away but bear with me please).
But it can be drawn away from its rightful habitat and isolated; left exposed to be shot at and attacked from all angles. I feel a tear coming…
The ‘policy’ doesn’t have to be an all singing, all dancing ‘giant’ of a gorilla.
Sometimes it can just be a small statement of what is required, why and how it will be achieved and maintained. The main thing is, it should fit with the organization’s other policies and formats to help support that organizational resilience approach.
But if the organization or business does not have or want formal policies, it shouldn’t prevent them for being resilient because some just need to know the basics and a plan of action, of what to do when the disaster movie comes for real.
The BC Policy is not the eighth wonder of the world but the legend of it creates that perception.
Author: Paul Kudray, MSc FICPEM MEPS MAICP CBCI.
An international business resilience leader, Paul Kudray is a Fellow of the EPC and a Fellow of the Institute of Civil Protection and Emergency Management (FICPEM). He is a Lead Auditor for ISO 22301. In 2014 he founded his own consultancy and he is an excellent forward thinking resilience innovator and blogger. LinkedIn paul@kudrayconsulting.com.