IBCT - ECP-301 Fast Track your BCM
ECP-301 Fast Track your BCM

ECP-301: Fast Track your BCM

ECP - 301:   Fast Track your Business Continuity Management System

This 2-day course provides a hands-on workshop for implementing a Fast track solution to develop an effective Business Continuity Plan for business, government and not-for-profit organizations. The workshop provides practical tools and techniques to implement a FAST TRACK solution to significantly reduce the time required to conduct the BIA/Risk Assessment/Continuity Strategy phase of your Business Continuity Plan development, with a special focus on ISO 22301, the new International Standard for BCM. Through the use of instructor-led presentations and case study workshops, participants learn how to FAST TRACK the essential phases of a Business Continuity Plan development project, to readily identify areas where their organization is most vulnerable and can be most easily and quickly protected. If you are responsible for starting a BC project, this course will enable you to do your job.

NEXT COURSE: October 9-10, Prague


This course is perfect for those new to Business Continuity Planning as well as experienced practitioners, and for consultants who need to deliver business continuity solutions for their clients. This course is designed for new BCM practitioners, executives,  managers, business continuity planners and business unit staff who are involved in or manage business continuity planning functions. 

A Business Impact Analysis identifies the operational and financial impacts resulting from the disruption of business activities and gathers information needed to develop recovery strategies. Potential loss scenarios are normally identified during a Risk Assessment.  
The traditional approach to developing a business continuity plan has always required the development of a risk assessment followed by a business impact analysis:
  • The traditional risk assessment looked at the “101 things that could go wrong” such as fire, flood, earthquake, hurricane, ice storm, zombie attack or an asteroid hurtling towards the earth
  • Then they try to determine the likelihood or probability that these events could occur, and the frequency or how often they might occur
  • Then they look at what impact these would have on their business activities if they should actually happen

The major problem with the traditional approach is that it is expensive and time consuming:

  • A thorough Risk Assessment conducted in the traditional approach can easily take up the first 6 months of a new business continuity plan, or longer
  • Combined with the BIA, this can easily take up to a year to complete – and is one of the main reasons why many companies balk at even starting a BCP

On the other hand, ISO 22301 suggests that we first conduct the business impact analysis and then conduct the risk assessment:

  • We first identify what the business impact might be should each of our business activities be suspended for a time, regardless of the cause
  • Then we prioritize our business activities with a focus on which activities are most time sensitive and have the greatest impact on business operations – these are our Key Business Activities
  • Then our Risk Assessment looks primarily at these Key Business Activities and at what could actually occur to impact on these
The major benefit with this approach is that it saves time and money. The result is that we are able to conduct both the BIA and Risk Assessment in less time that it would take just to complete a traditional risk assessment, reducing a year-long process to just months. Indeed, some companies have been able to complete a BIA and Risk Assessment in weeks using the ISO 22301 approach.

If it is paramount that your company begins enhancing its disaster preparedness as quickly as possible, you may wish to FAST TRACK the program. Perhaps the biggest advantage to a FAST TRACK process is that it allows you to start delivering tangible benefits sooner, and helps build momentum for the rest of the BCM program. 

Topics covered include:

1. Business Continuity Lifecycle Management
  • The new realities of Business Continuity Planning
  • Management's roles and responsibilities with respect to Business Continuity
  • Establishing and managing a Business Continuity program
  • How to evaluate, and maximize, the program's cost-effectiveness
  • The difference between Business Continuity and System Availability
  • Generally Accepted Business Continuity 'Best Practices'
  • Future trends in Business Continuity Management


2. Primary features of ISO 22301
  • PLAN - Establish business continuity policy, objectives, targets, controls, processes and procedures
  • DO - Implement and operate the business continuity policy, controls, processes and procedures
  • CHECK - Monitor and review performance against business continuity policy and objectives, report the results to management for review, and determine and authorize actions for remediation and improvement
  • ACT - Maintain and improve the BCMS by taking corrective action, based on the results of management review and reappraising the scope of the BCMS and business continuity policy and objectives


3. Business Impact Analysis
  • Identifying key business activities
  • Determining impacts of business interruption
  • Assessing the time-sensitivity of impacts
  • Developing impact mitigation strategies
  • Establishing the 'maximum tolerable downtime' of key activities
  • Determining minimum resource requirements for business resumption
  • Preparing and presenting a Business Impact Assessment report
  • Data collection techniques.
4. Risk Assessment
  • Identifying potential technological, environmental, and human threats
  • Determining the business activities affected by these threats and assessing the severity of risk to each business process
  • Identifying single-points-of-failure and other serious exposures
  • Developing strategies for deterring threats and/or reducing risks and determining costs, and cost-justification, for these strategies
  • Preparing and presenting a Risk Assessment report
  • Implementing and maintaining threat deterrence and risk reduction measures


5. Strategy Development

  • Establishing the 'worst case' scenario, and all 'less than worst case' scenarios, for which strategies need to be developed
  • Identifying potential short term contingency strategies, and longer term recovery strategies, for key business activities
  • Determining order-of-magnitude costs and evaluating the relative merits for each strategy
  • Selecting the preferred strategies and preparing cost justifications
  • Implementing the approved strategies
  • Supply Chain Management issues
6. What’s Next?
  • Developing a Business Recovery Plan
  • Developing a Crisis Management Plan
  • Crisis Communications
  • Awareness and Training Program
  • Testing Exercising Business Continuity Teams
  • Plan Maintenance 
  • Plan Evaluation
  • Plan Administration


NOTE: This course is normally offered as a private in-house 2-day session for up to 25 participants; cost to be determined by the number of participants and location of the course presentation.

Contact Us

Institute for Business Continuity Training
1623 Military Road, Suite 377
Niagara Falls, NY 14304

T: 1-844-408-4358

F: 1-716-313-1750

E: This email address is being protected from spambots. You need JavaScript enabled to view it.