What is BCP? (in English)

    BCP stands for Business Continuity Planning.

    It is a proactive measures that organizations prepare to ensure they can continue their product processing during and after disastrous events such as natural disasters, technological failures, security breaches, or other emergencies.

    BCP is designed to minimize the impact of such events and facilitate a quick recovery, allowing businesses to resume their critical functions and operations as soon as possible.

    The Main Purpose of BCP

    The main purpose of business continuity planning is not just to make a document.

    It is rather to develop strategies, procedures, and resources to enable an organization to maintain essential services, protect its reputation, minimize financial losses, and safeguard the interests of its stakeholders during unexpected disastrous events.


    Key Components and Steps to Taken for BCP

    Here are the key components and steps involved in the business continuity planning process:

    1. Risk Assessment

    Identify and assess potential risks and vulnerabilities that could disrupt your organaization and business operations.

    This includes 360 degree risk analysis to watch over internal and external factors that can impact the organization, such as natural disasters, supply chain interruptions, cybersecurity incident and threats, reputational risks or human-related risks.

    2. Business Impact Analysis (BIA)

    Determine the potential impact of the disruptions critical business functions, processes, and resources.

    BIA helps identify the recovery time objectives (RTO) and recovery point objectives (RPO) for different business activities, allowing organizations to prioritize their recovery efforts.

    3. Strategy Development

    Based on the risk assessment and BIA results, develop strategies and plans to mitigate the identified risks and ensure to continue the critical business functions.

    This could be to consider alternative work locations, implementing backup systems and recovery processes for data, confirming and/or developing communication channels, and assign roles and responsibilities to designated employees during a crisis.

    4. Plan Development

    Create a comprehensive business continuity plan that documents all the necessary procedures, guidelines, and instructions to be followed during a disruptive event.

    This plan should include emergency response protocols, resource allocation strategies, communication plans, and steps for activating the plan when needed.

    This document needs to be handed out to all employees in the organization.

    5. Testing and Exercises

    Regularly test and validate the effectiveness of the business continuity plan through simulations, tabletop exercises, or full-scale drills.

    This can identify any gaps and weaknesses in the plan. It also provides an opportunity to train employees on their roles and responsibilities.

    6. Training and Awareness

    Ensure that employees are adequately trained and aware of their roles and responsibilities during a crisis.

    Conduct training sessions and awareness campaigns regularly to promote a culture of preparedness for the unexpected crisis and ensure that everyone understands their part in implementing the business continuity plan.

    7. Maintenance and Review

    Continuously update and maintain the business continuity plan, at least once a year, to reflect changes in the organization, its operations, and the evolving risks and threats.

    Regularly review and revise the plan to ensure its relevance and effectiveness.

    It is crucial for organization committee, such as Risk Management Committee, to oversee the document thoroughly and give approval.


    By implementing a robust business continuity plan, organizations can enhance their resilience, minimize downtime, protect their reputation, and quick recovery from disruptions.

    It enables each organization to maintain customer confidence, meet regulatory requirements, and ensure the long-term survival of their business.