by Natalie Giorgalla
The COVID-19 pandemic has proven to be the ultimate preparation lesson for the so-called “gray rhinos” and “black swans” theories. Opinions differ as to whether the pandemic is a “gray rhinos” event or a “black swans” event.
In short, the “gray rhinos” theory refers to events that are very likely, predictable, have a high impact but are often overlooked. While the theory of “black swans” refers to events that are impossible to predict, they have a significant impact and significant consequences, but are often considered obvious and predictable in retrospect. The evolution of the pandemic last year was a real demonstration of how a company that is resilient and prepared for a “gray rhino” event can be the difference between surviving and collapsing its operations.
The pandemic caused severe disruption to organizations in 2020 and 2021, but for many, it provided a wake-up call to better prepare for future crises. Some organizations take a more critical view of future risks and draw up plans for scenarios that have been avoided or neglected in design to date.
It is promising that, despite the upheaval that the coronavirus has caused (and is causing) over the last 2 years, it has resulted in many organizations implementing more effective business continuity programs. For some organizations, the facts left no room for further development of a risk management approach that includes planning for the unexpected to ensure lasting resilience. The application of the ISO 22301 standard is a key tool in such cases.
The international standard ISO 22301: 2019 Business Continuity System (Business Continuity Management Systems (BCM S )) describes how to manage business continuity in an organization. Specifically, it defines the requirements for the design, operation, implementation, monitoring, control, maintenance and continuous improvement of a business continuity management system. The aim is to ensure the uninterrupted provision of services after a possible shutdown of an organization. The standard is designed to be applied to any size or type of organization and from any workplace.
Importantly, an organization can be certified by an accredited certification body for the requirements of this standard. Therefore, certified organizations can demonstrate their compliance with the standard to customers, partners, shareholders and other stakeholders.
The key to an organism's survival is its ability to respond quickly and efficiently in the event that its functions (or part of it) are disrupted due to an unexpected or unexpected incident that causes a disturbance. With ISO 22301 , in the event of a business threat, a series of controls based on business continuity systems best practices are activated.
In addition, applying the requirements of the standard increases the safeguarding of the interests of the stakeholders of an organization, protects the health and safety of its staff, ensures the reputation and commercial value and increases the “resilience” to risks or business threats that may affect its operation.
By implementing business continuity practices in accordance with the guidelines set out in the standard, an enterprise can provide a kind of security either by preventing certain incidents from being disrupted or by enabling faster recovery. As a result, the cost of such an incident is significantly reduced if the business continuity priorities are recorded, the impact on the business is analyzed, the risk is assessed and managed and the actions that a company must take to ensure the continuation of its business activity are determined.
No company is immune from downtime, so it is important that companies ensure that they are well equipped to effectively minimize the risk of downtime.
Maybe in 2022 we need to “see” the gray rhinos in time so that we are better prepared!
In case you are interested in further studying the ISO 22301 standard and the Business Continuity as well as for more information please refer to the free publication by ISO, through the following QR Code.
The Cyprus Standardization Organization ( CYS ) is the body responsible for the adoption and implementation of European and International Standards in Cyprus. For more information about ISO 22301 you can contact the CYS Service & Information Center at 22.411.414 or by email: [email protected]
* Natali Giorgalla works as a Service & Administration Standardization Officer at the Cyprus Standardization Organization (CYS).
