Business continuity & post crisis management

Knowing how to manage a crisis is essential, and knowing how to maintain essential activities is vital. Our ISO 22301 certified consultants can help you define and structure your business continuity plan.

dispositif de gestion de crise cyber

Business continuity plan

The COVID 19 pandemic has reminded many organisations of the importance of having a business continuity plan in place in the event of an event that affects access to the physical site and the availability of essential resources. This plan must be designed to cope with a variety of scenarios and impacts, and must be regularly reviewed so that it can be activated immediately in the event of a crisis.

A cyber crisis can have a major impact on a company’s operations, as recent ransomware cases have shown: from one day to the next, a company can be completely paralysed. Cyber attacks can lead to extremely poor working conditions, either as a direct result of the attack or because of the preventive measures that need to be taken to prevent its spread: data inaccessibility, workstations inoperable, production lines stopped if necessary….

Preparation is essential to determine the criticality of your activities, prioritise your essential and vital activities, be able to continue them in a degraded manner in a crisis situation and ensure their gradual recovery.

Alcyconie’s ISO 22301 Lead Implementer certified consultants can help you set up or update your business continuity system. Our fraud expertise also enables us to integrate the growing risk of cyber fraud into your treasury business continuity plan.

We can also provide dedicated hosting and communications solutions for your crisis unit. This highly secure, proprietary solution enables you to protect your crisis management documents and exchange information securely in the event of a breach of your information systems.

Business resumption plan

In the event of a crisis that disrupts the structure’s activities, it is advisable to plan for a gradual, organised and concerted resumption of operations. The recovery strategy must be thought through in advance and not improvised. This is known as the Business Resumption Plan (BRP) and, in the case of the information system, the IT Resumption Plan (IRP).

The aim of these recovery plans is to help you emerge from the crisis through a series of different stages: defining when the crisis is over, confirming the transition from the Business Continuity Plan to the Business Resumption Plan, defining priority activities, ensuring the reliability of the information system, resuming business with the necessary technical and human resources, etc.

The business resumption plan is directly linked to the crisis management system.

dispositif de gestion de crise cyber

Experience Feedback

The end of a crisis symbolises a return to normalcy, but it is also a crucial stage in crisis management. It’s an opportunity to take stock, to look back and ask what went well and what, if anything, went wrong within the organisation during that particular phase of the crisis. Coming out of a crisis is an excellent opportunity to look at the strengths and weaknesses of your crisis management through feedback. This tool allows you to take stock of your crisis management and, more importantly, to make recommendations for changing one or more practices.

For example, at the beginning of the health crisis, it was clear that some companies were not fully prepared for such an event. By conducting a RETEX, these companies were able to capitalise on this by assessing their strengths and weaknesses and planning short, medium and long-term solutions for future crises.

Psychological support...

Some crises can have a lasting impact on your people and your organisation and require professional support to understand, decode and come to terms with what has happened. Working with our partner psychologists or coaches, we can provide psychological support during and after the crisis, depending on your needs.

...FOR the victims

In cyber-attacks, the vector is usually human, whether intentional or accidental. This can happen when an employee clicks on an infected attachment, or when an employee is tricked and manipulated by an attacker posing as a supervisor and obtaining login details and passwords. These different hypotheses can leave your employee-victim feeling pitiful or even weakened. It is therefore important to explain to your employees that they have been manipulated and deceived, and to make them aware of cyber issues.

dispositif de gestion de crise cyber
dispositif de gestion de crise cyber

...of your organisation

Crises can put a strain on your teams and make it difficult to resume normal working patterns. In this case, you need to explain and make your teams understand that times of crisis require a different organisation. Once the crisis is over, it should be business as usual.

What Alcyconie offers you

Alcyconie will support you in this post-crisis period, guiding you through the various aspects of returning to work, providing feedback and psychological support.

Supported by a team of experts, coaches and external partners, Alcyconie will adapt to your situation and offer you a tailor-made solution to best meet your needs.

Any questions ?

Would you like to know more about Business Continuity Planning (BCP)?

Business Resumption Plan (BRP)?

Would you like to know more about our crisis consulting services?

Follow our news