26 June 2017
Keith Appleyard

Please Engage Brain

Keith Appleyard - available for hire

60Posts 293,757Views 106Comments


A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

2 out of 3 UK Companies without a proven BCP

02 April 2009  |  2677 views  |  0

The Chartered Management Institute, in association with the Civil Contingencies Secretariat of the Cabinet Office, has just released the Business Continuity Management Report 2009  (the 10th annual report in the series) appropriately titled “A Decade of Living Dangerously”

Selected Highlights :

The survey was sent to a random sample of 15,000 CMI members, but only 1,012 responded.

Only 52% of organisations have specific BCP covering their operations.

Only 64% of managers reporting that BCP is regarded as important in their organization (a fall over the past year from 76%)

The two greatest single concerns are electronic attack - 58% - and human disease (such as pandemic influenza) - 57%

Despite recognising the threat posed 53% of organisations still have no plans to help them cope during an influenza pandemic.

Most common disruptions: over the past year, 40% of organisations suffered disruption due to a loss of IT. Other key sources of disruption were extreme weather (25%), loss of people, loss of telecommunications, and utility outages. But the survey was conducted before the bad weather in Jan/Feb, so the 25% might now be higher.

Of the 52% of organisations who have a BCP, 68% of them [35% overall] rehearse their BCP at least once a year; and 75% of those who did said that the exercises had revealed shortcomings.

But that still leaves 48% who don't have a BCP, and 32% of those who have a BCP who had never tested theirs.

Overall that means 2 out of 3 UK companies either (a) don't know what to do in a disaster or (b) don't know if their plan would work.

It reminds me of the European Airline who when I asked them about their BCP said "there might be a plan, but it would only be communicated to us in the event of an incident arising"

Full report (24 pages) is downloadable for free at



TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from

Keith's profile

job title IT Consultant
location Bromley
member since 2008
Summary profile See full profile »
Focussing on IT Strategy and Systems Architecture issues, primarily in the Payment Card Industry - scope is Global. SME on topics such as Data Protection and Encryption.

Keith's expertise

Member since 2007
60 posts106 comments
What Keith reads

Who's commenting on Keith's posts