Organizations have increased their oversight of business continuity management activities, according to a new survey by KPMG that found 71 percent of respondents indicating they have a senior management advisory or steering committee in place, up from 65 percent in a 2011-2012 survey.
While that figure represents an improvement from the past study, approximately 30 percent of the survey respondents indicated that no such governance capability is currently in place in their organization.
The study also revealed that despite a rise in cyber-related threats, 36 percent of organizations reported that they do not address cyber terrorism in their business continuity management program and related plans. Organizations with steering committees are more likely to include cyber-terrorism in their BCM program and related plans, at 46 percent of those respondents, compared to 32 percent for those without steering committees.
The 2013-2014 Continuity Insights and KPMG LLP Global Business Continuity Management Program Benchmarking Study surveyed 434 executives from over 22 countries on the current state of their BCM programs and the drivers for further program development.
“Having a formal oversight function, like a steering committee, that is visible and provides guidance in the development and maturity of the BCM Program, is a key success factor for organizations that get BCM right,” said Tony Buffomante, a principal in the Information Protection and Business Resilience practice at KPMG, in a statement. “More frequently than ever before, organizations are experiencing incidents or interruptions that require activation of one or more business continuity plans, particularly around IT or cyber security, social media and data privacy, requiring they remain vigilant in the development, maintenance and monitoring of their business continuity programs.”
The survey showed there is a significantly higher level of BCM program integration with key functional organizations, third parties and public authorities where a steering committee is in place. The survey revealed that those with this oversight in place reported higher success rates in a number of BCM facets, including an increase in conducting periodic business impact analysis, achieving recovery time objectives, an increased rate of adopting global standards such as ISO 22301 and a noticeable rise in addressing cyber security in their BCM programs and related plans.