Business Continuity Risk Assessment

A disaster could happen to any company – no matter the business size. Risk assessment on critical business activities should be conducted, identifying possible risks and assessing the likelihood and impact of disruptive events. It is vital that you understand the disruptions that would be disastrous to the running of your business. Different disaster scenarios should be considered, some common threats include:

• Natural disaster, such as earthquake, fire, typhoon, flood;
• Loss of key equipment / information system / facility;
• Disruption of external telecommunications services;
• Utility outage, such as failure of power supply;
• Loss of life, disease, health & safety issues; and
• Terrorism & cyber attack.

Risk assessment against different threats may result in different outcomes. Some may require no action, while some require continuity planning to be developed and supported with additional resources. This will help a company to explore the possible effects of disaster incidents. After that, risks can be prioritized against objectives relevant to the organisation, including critical resources, impacts of disruptions, allowable outage times, and recovery priorities.