Fail to Prepare, Prepare to Fail. Business Continuity Management in the Food Industry

Similar documents
Business Continuity Planning and Disaster Recovery Planning

ISO Business Continuity Management. Your implementation guide

Business Continuity & Disaster Recovery

Disaster Preparedness & Your Supply Chain

Citizens Property Insurance Corporation Business Continuity Framework

Business Continuity Management PHILIPPINES :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA

12.0 Business Continuity Management

A Guide to Business Continuity

Introducing ISO 22301

RISK ENGINEERING GUIDELINE

Business Resilience: Proactive measures for forward-looking enterprises

Protecting Information Assets - Week 9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets

BUSINESS CONTINUITY MANAGEMENT

Disaster Preparedness & Your Supply Chain

BUSINESS CONTINUITY MANAGEMENT

Business Continuity Management for Singapore s Logistics Sector. By Singapore Business Federation and Singapore Logistics Association

Business Continuity Management Policy and Framework

Head of Security and Business Continuity

Business Continuity & Risk Management

NOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Head of Protective Services Specialist Operations. Business Continuity Manager

ISO Your implementation guide

Enterprise Risk Management Defined and Explained

Business Continuity and Natural Disaster Resilience: Where Are We Heading? Adopting best practices for weather safety based on new science

Moving to the AS9100:2016 series. Transition Guide

From its adoption as a discipline in the 1980s,

Business Continuity Planning for Major Disruptions Checklist 255

Safe Supply Chains Help Produce Sustainable Businesses

Further excellence. transparency

BUSINESS CONTINUITY AS A SERVICE

Business Continuity Framework

Business Continuity. Building a Program Fit for Purpose

Business Continuity/ Disaster Recovery. Sean Gunasekera

Activity 1 Failure Mode and Effects Analysis (FMEA)

Business Continuity Planning: As A Business Owner, What Do I Need to Consider? David Sutton Manager, Environment, Safety and Health.

Building a Standard for Business Continuity Planning

Moving from ISO/TS 16949:2009 to IATF 16949:2016. Transition Guide

Business Continuity Policy. Interim Governance Consultant. October Greenwich Executive Group

Strategic Business Continuity Management

Business Continuity Planning Policy

An introduction to business continuity planning

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

US Business Continuity Safeguarding Your Business from a Disaster

WILTSHIRE POLICE FORCE POLICY

Business Continuity Management 2005

Risk Management Policy Arvind Infrastructure Limited

Building A Holistic and Risk-Based Insider Threat Program

Point of view Digital Business Resilience in Financial Services

Risk Advisory Services Developing your organisation s governance for competitive advantage

How Your Business Survival Depends On Disaster Recovery.

HSE Integrated Risk Management Policy. Part 1. Managing Risk in Everyday Practice Guidance for Managers

BCP Methodology Benefits realisation

ISO whitepaper, January Inspiring Business Confidence.

Business Continuity Management (BCM) Chicagoland Safety Conference October 24, 2013

Overview of Technical Skills and Competencies

Business Continuity vs. Operational Risk Management vs. Business Resiliency. Karen Dye Oakley, CBCP, MBCI

Questions which state 'This question does NOT use the case study' do not use the case study, and may be answered without reference to it.

Security Guideline for the Electricity Sector: Business Processes and Operations Continuity

ISO Standards in Strengthening Organizational Resilience, Mitigating Risk & Addressing Sustainability Concerns

December 2015 THE STATUS OF GOVERNMENT S GENERAL COMPUTING CONTROLS:

Leading financial institutions are transforming the way they manage IT risk

Key findings and insights of top operations management professionals

How can you improve your ability to identify, respond and adapt to significant operational interruptions?

Business Continuity Management Policy. Guidance

RC & CRISIS MANAGEMENT. risk compliance RISK & COMPLIANCE MAGAZINE. risk & compliance REPRINTED FROM: JUL-SEP 2015 ISSUE

GE Healthcare Life Sciences. Security of supply for chromatography media

Business Continuity Management An Auditor s Perspective July 25, 2017

Support Services. Engineering solutions for operational excellence SERVING THE WORLD S RAILWAYS. Technical

ISO Collaborative Business Relationship Management Your implementation guide

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

Adaptive Business Continuity Manifesto

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector

ISO whitepaper, January Inspiring Business Confidence.

Management Update: A Business Continuity Management Program Is Critical

WIC 104 RISK MANAGEMENT AND BUSINESS CONTINUITY PLANNING FOR LOCAL WIC AGENCIES. Peg Jackson, DPA, CPCU National WIC Association

BUSINESS CONTINUITY & STRATEGY POLICY

Business Framework Change How You Manage Safety

RISK MANAGEMENT POLICY

Risk Management Strategy. Version: V3.0

Moving from BS to ISO The new international standard for business continuity management systems

Supplier Partnership. BPF 2123 Quality Management System

BUSINESS CONTINUITY: PROTECTING YOUR BUSINESS FUTURE

2008 BUSINESS RESILIENCY SURVEY RESULTS:

Governance, Risk Management

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

Management Excluded Job Description

Food Fraud. What you don t know could hurt you, your customer and your brand. Horse Meat? Copper Sulphate? Fertilizer?

SQF 2000 Guidance. Guidance for Food Sector Category 4 Fresh Produce Pack House Operations. 1st Edition

Building a Roadmap to Robust Identity and Access Management

LIFE CYCLE FACILITY ASSET MANAGEMENT. Presented by Pedro Dominguez Managing Principal, The Invenio Group

Managing reputation risk. Laura Toni, Deloitte Romania November 28, 2014

2016 Business Continuity / Disaster Recovery Internal Audit Report

ISO 28002: RESILIENCE IN THE SUPPLY CHAIN: REQUIREMENTS WITH GUIDANCE FOR USE

SQF 2000 Code. 6th Edition AUGUST A HACCP-Based Supplier Assurance Code for the Food Manufacturing and Distributing Industries

Developing an Effective Disaster Recovery Plan

Business Continuity Through Planning, Prevention and Preparedness. READINESS RESOURCES

Third Party Risk Management ( TPRM ) Transformation

Presentation on Crisis Management and Business Continuity. ISCA Breakfast Talk 13 September See Hong Pek, Partner, PwC

Is your supplier risk management keeping pace with your strategic

A Vision of an ISO Compliant Company by Bruce Hawkins, MRG, Inc.

Business Continuity Planning. LGMA Conference October 27, 2011 Presented by Lisa Benini

Transcription:

Fail to Prepare, Prepare to Fail Business Continuity Management in the Food Industry

Fail to Prepare, Prepare to Fail Business Continuity Management in the Food Industry Business continuity (BC) systems exist to manage catastrophic events that can severely affect the ability of an organization to supply products/ services to their customers. ISO 22301, the international standard for business continuity defines BC as the capability of an organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident. Businesses across all sectors and industries face many similar potential incidents or events including, but not limited to: z significant workplace accidents z negative media campaigns z market upheavals z power/fuel outage z loss of IT/telecommunications infrastructure (connectivity, server crash, viruses) z transport infrastructure issues z supply chain breakdown/disruptions z loss of employee base Organizations in the food chain face additional, industry-specific issues and challenges that increase the complexity of business continuity management: z Securing safe and alternative supply of raw materials and key ingredients from multiple suppliers z Traceability in the event of reputational risk issues z Food fraud incidences in the supply chain z Managing the press and social media after serious events (product recalls, on-site accidents, environmental incidents) Consumer trust and loyalty that can take years to build can be lost quickly when events of this nature occur. And a large proportion of businesses closed by such an event are unlikely to re-open. As an example, approximately 90% of companies experiencing a catastrophic loss of data and equipment are likely to go out of business within two years. 1 1. Jacobs and Weiner, The CPA Journal (on-line), 2008. 2. Peck, H Dr. 2006. Resilience in the Food Chain: A Study of Business Continuity Management in the Food And Drink Industry. DEFRA Report, Cranfield University, Shrivenham. In this fast-moving world, where information is transferred with the click of a finger and is more readily accessible, manmade events have become the primary threat to business continuity. New issues and threats are emerging which can have a severe effect on the food industry, including food fraud, complex supply chain management and global terrorism. And, both manmade and natural disasters may not necessarily have to occur at an organization s location to have catastrophic impact. Current state of BC management in the food and drink industry Business continuity is both a rising discipline and growing concern within the food and drink industry. BC Management (BCM) is still a relatively new concept for most organizations within the food industry with few companies having moved beyond reactive crisis management to a proactive or preventative approach. Resource constraints (money and manpower) and lack of expertise are slowing BCM implementation. Companies are reluctant to prioritize investments in costly preventative or redundancy measures within their operations to manage what if scenarios over know business issues. The emphasis of BCM changes amongst sectors, reflecting the core activities and commercial concerns of each. z Larger retailers are inherently resilient because few of their assets are mission critical. Their networks can withstand the loss of any one store and any one product supplier without significant disruption to operations. Their distribution centres, head offices and service suppliers are more likely to create single or significant points of failure. However, the retailers principal asset and concern is their brand reputation. For all other eventualities (barring fuel shortages), the 2

bsigroup.com retailers look to their suppliers to provide cover as their first option contingency, expecting their suppliers to hold redundant capacity/capability and provide the logistical flexibility to meet exceptional circumstances. In the case of fuel shortages the position is reversed. z Small retailers have amicable relationships with their wholesalers and look to them for supply chain continuity. z Logistics service companies are engaged in BCM on an ad hoc basis, depending on whether their clients are willing to pay extra for continuity planning. Their critical assets are skilled employees. z Food processors and packagers are in a more precarious position. Their efforts centre around protection of key assets because their operations are dependent on a few capitalintensive facilities. Some made no distinction between everyday operations, risk management and BCM. Manufacturers tend to rely on their ability to flex production between sites as their main form of contingency. However, most conceded that the redundant capacity that provides the basis of this strategy is being steadily eroded by the pressure to reduce costs and optimize asset utilisation. Sites are being closed, consolidated and moved offshore, at which point the risk profiles for their operations change; the principal dependencies switch from manufacturing sites to transport, communications and the supporting infrastructure 2. Many organizations engage BCM out of enlightened commercial self-interest. Best practice BCM encourages them to take action to maintain the mission critical activities and assets of their organizations, under an expectation of otherwise normal external circumstances. They see the purpose of BCM as protecting the well-being of customers, employees and shareholders. Business continuity standards and compliance The management of BC falls largely within the spectrum of quality and risk management with some crossover into related fields such as governance, information security and compliance. Risk management is an important tool for business continuity as it provides a structured way to identify potential sources of business disruption and assess their probability and harm. All business functions, operations, supplies, systems, relationships etc. that are critical to achieve the organization s operational objectives are analyzed and included in the business continuity plan (BCP). Business impact analysis is the generally accepted risk management term for the process of determining the relative importance or criticality of these elements In turn it drives the priorities, planning, preparations and other BC management activities. One important way to achieve business continuity is the use of international standards. These standards ensure that proven methods and concepts for BC are used. However, in addition to meeting the requirements of standards a business continuity plan should also include additional activities: z identifying relevant potential disasters z developing evacuation programmes z procuring spare machines and servers z performing data backups and arranging off-site storage z provisions for running the business remotely z assigning responsibilities for specific activities z performing drills z educating employees z improving vigilance across an organization As these tasks likely require both human and financial resource, a commitment by senior management to make business continuity as a top priority and assign people to work on it remains the most important step in establishing BC. 3

Fail to Prepare, Prepare to Fail Business Continuity Management in the Food Industry Industry Specific: Global Food Safety Initiative Standards Non-sector specific: ISO 22301 Business Continuity Management The need for formalized business continuity systems in the food industry has been driven by several Global Food Safety Initiative (GFSI) standards including the British Retail Consortium (BRC) and Safe Quality Food Initiative (SQFI). The requirements set out in these standards are generic as every organization is different and faces different issues in maintaining business continuity. GFSI standards dictate requirements for organizations to set up BC Plans that logistically guide organizations to recovery and restoration of critical functions, within a predetermined time, following an extended disruption (crisis/disaster). The building blocks of developing a relevant and effective BC plan include the following: z Process driven by senior management z Nomination and training of a BC management team (includes roles, responsibilities and interactions) z Complete risk assessment of potential threats to the organization z Development and implementation of an effective BC Management Plan that reduces the probability of incidents and action-based plans to respond to and recover from relevant crisis situations. z Specific data and actions include: Contact details for key personnel Key resource providers details, including utilities Details and contacts of relevant internal / external stakeholders and authorities Sources of legal and expert advice Supplier profiling and traceability Prioritization of tasks during and post crisis Assigning responsibility for internal and external communications Provisions to test plan(s) on an annual basis ISO 22301 helps organizations put business continuity plans in place to protect and help them recover from disruptive incidents. It also helps identify potential threats to businesses and to build the capacity to deal with unforeseen events. It protects businesses and their reputations and keeps them agile and resilient minimizing the impact of unexpected interruptions. As with other BC standards, because of the level of resource required to properly implement effective business continuity, top management are required to develop and continually improve the BCMS, make resources and training must be made available and employees and stakeholders must understand the BCMS policy and their roles and responsibilities in relation to it. Broken into 10 distinct clauses, the requirements of the standard lead organizations to: z Consider the interested parties affected by the Business Continuity Management System (BCMS), their requirements and develop a communications plan that details incidentrelated actions z Define acceptable timescales for the resumption of activities for the organization and its suppliers z Test response plans via simulation (not paperbased exercises) z Understand their role in the wider environment and supply chain to identify and effectively manage potential disruptions z Evaluate the impact of potential disruptions z Consider how risks will be handled z Carry out regular risk assessments, including those affecting interested parties and the wider community 4

bsigroup.com Key factors for the successful implementation of a BCP Senior management commitment z A top-down multidisciplinary team is imperative in order to develop a complete and beneficial plan. Further, the value of team work cannot be overstated. Effective risk assessment to z Address issues critical to the organization and its customers. z Researching, understanding and prioritizing threats and vulnerabilities unique to your product, ingredients, processes and supply chain, is fundamental in identifying potential impacts that threaten an organization and provides a framework for building resilience and effective responses. Plan the work then work the plan. z Proactive discovery of potential risk factors or compromising situations through a drill or exercise is vastly preferable to reactive management of a disaster is response to a customer complaint or media (social or otherwise) scandal. The (uncertain) future To say the food industry changes quickly is stating the obvious. Key drivers of change are the globalization of supply chains, increasing use of and access to various technologies/information and ever-changing consumer habits. Current areas of industry focus include: z Personalized diet and nutrition programmes z Pure, fair and eco-friendly product demand z Increasing product demand in developing countries z Time and energy reduction technologies z Overseas domination of the grocery market z Ascertaining the reliability, trustworthiness, ethics and values of existing and potential suppliers The future of BCM in the industry is intrinsically tied to the evolution of these trends and the new ones that will overtake them in the months and years to come. While putting a stake in the ground and implementing BCM takes a significant amount of resource and commitment, training the right people to follow the right processes builds resilience. Food and drink producers, manufacturers, transporters and retailers already engaged in BCM will be better positioned to mitigate the potential risks to their operations while also protecting their customers, profitability and brand. Organizations that prioritize other areas of the business may never regret their decision. They may never encounter supplier disruptions, weatherbased disasters or unscrupulous suppliers. But, just like fire insurance, it s value isn t fully appreciated until there s a fire. 5

Fail to Prepare, Prepare to Fail Business Continuity Management in the Food Industry Why BSI? We believe the world should be supplied quality food that is both safe and sustainable. We re a leading food safety certification provider with extensive auditing for a wide range of food safety standards across the entire food and beverage supply chain including Global Food Safety Initiativerecognized standards. Our services for the food sector include certification, training, assessment and supply chain solutions. Combined, they can help assure your customers and make your organization more resilient by enabling you to manage the risks and opportunities associated with your products, processes, people and respective supply chains. With over 2,800 food and agri-food standards in our portfolio, we are well positioned to support the industry and the challenges faced by the supply chain including food safety, food security, sustainability, land usage, energy, water and corporate social responsibility issues. Our products and services Knowledge The core of our business centres on the knowledge that we create and impart to our clients. In the standards arena we continue to build our reputation as an expert body, bringing together experts from industry to shape standards at local, regional and international levels. In fact, BSI originally created eight of the world s top 10 management system standards. Assurance Independent assessment of the conformity of a process or product to a particular standard ensures that our clients perform to a high level of excellence. We train our clients in world-class implementation and auditing techniques to ensure they maximize the benefits of standards. Compliance To experience real, long-term benefits, our clients need to ensure ongoing compliance to a regulation, market need or standard so that it becomes an embedded habit. We provide a range of services and differentiated management tools which help facilitate this process. For more information on improving your organization s business continuity practices, visit bsigroup.com/en-hk or email hk@bsigroup.com BSI Group BSI/UK/946/GRP/1016/EN/PD 6

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback