Critical Business Activities Identification

It is crucial to understand where a company needs to focus on in order to recover in case of an incident. The first step in business continuity planning is to identify the most critical business activities to your company's survival. You need to have a good understanding of your business, including its objective, products, services, resources, facilities, suppliers, customers, and their interdependencies.

Critical business activities are those that must be present to sustain the continuity of business, where failing to performing them would lead to:

• Major revenue losses;
• Failure to meet regulatory or contractual requirements;
• Compromise of operational efficiency, or
• Loss of customer / damage of reputation.

Once the critical activities are identified, you should perform analysis on each of them to determine the priority and objective on the recovery of critical business activities based on their importance to the company's achievement of strategic goals. Typical questions to be considered include:

• What are the operational, financial and other competitive impacts to the company if the activities are not functioned?
• How quickly do the activities need to be back in production for your company to survive?
• How much data and financial losses can you afford?

For each of the critical business activity identified, it is also necessary to find out all the supporting resources needed to perform the activity and the effect on the business of the unavailability of the resources. Listed below are the areas of resources you should consider:

• People;
• Information technology (service, application, network, data);
• Data and voice communication;
• Paper-based documents and records;
• Physical infrastructure, key equipment and facilities; and
• External services / products dependencies.