22 January 2018
Keith Appleyard

Please Engage Brain

Keith Appleyard - available for hire

60Posts 300,386Views 107Comments


A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

2 out of 3 UK Companies without a proven BCP

02 April 2009  |  2736 views  |  0

The Chartered Management Institute, in association with the Civil Contingencies Secretariat of the Cabinet Office, has just released the Business Continuity Management Report 2009  (the 10th annual report in the series) appropriately titled “A Decade of Living Dangerously”

Selected Highlights :

The survey was sent to a random sample of 15,000 CMI members, but only 1,012 responded.

Only 52% of organisations have specific BCP covering their operations.

Only 64% of managers reporting that BCP is regarded as important in their organization (a fall over the past year from 76%)

The two greatest single concerns are electronic attack - 58% - and human disease (such as pandemic influenza) - 57%

Despite recognising the threat posed 53% of organisations still have no plans to help them cope during an influenza pandemic.

Most common disruptions: over the past year, 40% of organisations suffered disruption due to a loss of IT. Other key sources of disruption were extreme weather (25%), loss of people, loss of telecommunications, and utility outages. But the survey was conducted before the bad weather in Jan/Feb, so the 25% might now be higher.

Of the 52% of organisations who have a BCP, 68% of them [35% overall] rehearse their BCP at least once a year; and 75% of those who did said that the exercises had revealed shortcomings.

But that still leaves 48% who don't have a BCP, and 32% of those who have a BCP who had never tested theirs.

Overall that means 2 out of 3 UK companies either (a) don't know what to do in a disaster or (b) don't know if their plan would work.

It reminds me of the European Airline who when I asked them about their BCP said "there might be a plan, but it would only be communicated to us in the event of an incident arising"

Full report (24 pages) is downloadable for free at



TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Keith

Barclays On-line Banking deserves better error messages

02 January 2014  |  13937 views  |  1 comments | recomends Recommends 0 TagsMobile & onlinePaymentsGroupWhatever...

RBS does have robust procedures

01 October 2013  |  3538 views  |  0 comments | recomends Recommends 0 TagsMobile & onlinePaymentsGroupWhatever...

National Savings and Investments are rather too lethargic

17 April 2013  |  13909 views  |  0 comments | recomends Recommends 1 TagsSecurityMobile & onlineGroupWhatever...

RBS Internet Banking is not for the English

28 January 2013  |  5611 views  |  0 comments | recomends Recommends 0 TagsMobile & onlineGroupWhatever...

RBS don't seem to understand basic book-keeping rules

26 June 2012  |  6389 views  |  5 comments | recomends Recommends 2 TagsPaymentsGroupWhatever...

Keith's profile

job title IT Consultant
location Bromley
member since 2008
Summary profile See full profile »
Focussing on IT Strategy and Systems Architecture issues, primarily in the Payment Card Industry - scope is Global. SME on topics such as Data Protection and Encryption.

Keith's expertise

Member since 2007
60 posts107 comments
What Keith reads

Who's commenting on Keith's posts