Despite the fact that the Business Continuity Institute’s (BCI’s) Good Practice Guidelines (GPG) has been around since 2002 and the British Standard, BS 25999, since 2006, there are still many widely different approaches to implementing Business Continuity (BC) to be found. These are not just differences between country or sector or size, or between qualified and non-qualified BC practitioners. They can be between BC practitioners with the same qualification, working in the same country, in the same sector, in organisations of the same size.
I was reminded of this during the past week, when I was giving the BCI’s GPG 5 day training course to a group of people who were going to take the BCI’s certification exam at the end of the week. About half of the delegates had worked in BC for some years, and were now looking to obtain a qualification. The problem that they were having was in trying to forget how their own organisations were implementing BC and to learn the BCI’s GPG. The organisations that they represented all had well established BC programmes, but why were they all different, and why were they significantly different from the BCI’s GPG?
My guess is that the reason lies in two areas. These are, firstly, that because the practice of implementing BC is very difficult, once they have found something that works they have decided to stick with it. Secondly, it is very likely that they first implemented BC back in the 1990s, before the BCI’s GPG, and that they have not had the time, money, or inclination to keep amending their BC processes and methods to keep up with current theory – they are too busy trying to keep up with changes in their own organisation!