How We Support You and NUS
Policy
Compliance
Safety and Health
International Travel
Risk Research & Intelligence
Discover the latest insights on risks and global landscapes today.
Resource Packs
Are you a new staff or student? Here’s a one-stop page with all the relevant documents and information you need to know.
Business Continuity Management
Be Prepared for the Unexpected
About Business Continuity Management (BCM)
BCM is an integrated management process that identifies potential impact that threatens the University and provides a framework for building resilience and the capability for an effective response that safeguards the interest of the its key stakeholders, reputation, brand and value creating activities.
Internal or external threats such as major power failure, water main break, hazardous materials accident, structural failure or fire could damage buildings and/or campus for prolonged durations which would interrupt activities of those in the affected departments. In addition, student or staff protest, a disease outbreak could also cause major business disruption.
Faculties/Departments with well-developed, up-to-date and exercised Business Continuity Plans fortifies the University’s operational resilience.
NUS BCM Approach
The University adopts the Plan-Do-Check-Act (PDCA) cycle in planning, establishing, implementing, operating, monitoring, reviewing, maintaining, and continually improving the University’s business continuity preparedness.
BC Planning Process
Business continuity planning is a process that involves identifying potential risks and developing strategies to minimize the impact of disruptions on an organization’s operations and maintain the safety and well-being of its employees and customers.
A strong business continuity plan can also enhance the organization’s reputation and provide reassurance to stakeholders that the organization is prepared to handle unexpected challenges.
The process typically involves four main steps:
It involves identifying potential risks, determining their likelihood and impact, and using this information to prioritize the development of mitigation strategies and contingency plans.
By conducting a thorough risk assessment, NUS can identify potential risks, develop plans to minimize their impact, and effectively operate even in the face of unexpected disruptions.
This process involves identifying time-sensitive activities, referred to as prioritized activities, and analyzing the potential impact of each identified risk on the business’s operations. This includes financial, operational, legal and compliance, and reputational impacts.
It focuses on identifying the resources required to support prioritized activities. The typical types of critical resources are People, workplace, critical equipment, vital records and key internal or external dependencies such as your key suppliers, regulators, etc.
One of the key outputs of a BIA is the maximum tolerable period of disruption (MTPD), which is the amount of time that an organisation can tolerate being without a particular prioritized activity before it has a significant impact on the business operations.
The goal of a BIA is to identify the potential impacts of a disruption to critical business operations and prioritize recovery efforts accordingly. The results of a BIA can be used to develop a business continuity plan (BCP) that outlines the steps necessary to minimize the impact of a disruption and quickly recover critical business operations.
It involves using the results of a (BIA) to develop recovery strategies to mitigate and manage the identified risks.
The goal is to minimize the impact of a disruption and quickly recover critical business operations. The strategies may include backup and recovery procedures, alternate work locations, and alternative solutions for critical resources.
These strategies should be documented in a Business Continuity Plan (BCP) that outlines the steps necessary to implement them in the event of a disruption.
Exercising the Business continuity plan is critical to the Business Continuity Planning process, with simulations of potential disaster scenarios to assess the effectiveness of the plan. Exercises can be small-scale, such as a tabletop exercise, or large-scale, like a full simulation. The goal is to identify weaknesses in the BCP and improve readiness for disasters.
Training is also important, ensuring all staff are familiar with their department’s Business continuity plan and their roles in a disaster.
Maintenance is the final stage, reviewing and updating the plan to reflect changes in the business environment or potential risks.
Regular testing and training are essential to ensure staff are prepared.