Unprecedented does not have to mean unprepared: Business Continuity Planning

During these unprecedented times, many businesses are struggling to continue business as usual while the world is rapidly changing around them; however, certain businesses continue to thrive. Throughout this COVID-19 pandemic, companies like MMS, among other leaders in the pharmaceutical industry, are not only carrying out typical day-to-day business operations, but they are well-positioned to offer additional support to companies unable to adapt.

These thriving organizations share a common thread in terms of planning, specifically implementation of a successful Business Continuity Plan (BCP). Having a BCP ensures that organizations can quickly adjust, with little to no disruption to services when faced with business threats that include a spectrum from temporary power outages through pandemics.

Implementing a Successful Business Continuity Plan

A common misstep in BCP development is starting with a focus on the multitude of potential threats which may occur. While planning is needed for various scenarios, the business interruption should not be a starting point.

Developing a list of every possible risk to the business is not only daunting, but it is missing a key element: there is no way to predict the unpredictable.

The key to successful business continuity planning is to start with a focus on the core business elements – the people, processes, and tools required to make the business run – and work backwards from there. Conducting a thorough analysis of all core business elements and implementing broad contingency plans will ensure preparedness for a wide range of business disruptions, including the unexpected and unthinkable.

Another common approach to business continuity planning is to focus on high-risk scenarios only. While addressing high-risk scenarios is an important element, only addressing high-risk items neglects a critical factor – non-discriminatory disasters, those that are not location or industry specific. So, while most businesses located in a flood zone are prepared for a flood, if high-risk scenarios are the extent of their planning, they likely were not prepared to address the impact of a pandemic, like the coronavirus.

Bringing the focal point back to the core business elements ensures preparedness for all risks, regardless of likelihood.

A solid BCP ensures there is a Plan B (and where appropriate, a Plan C, Plan D, etc.) that can be quickly implemented when the need arises. In order for the BCP to be effective, the organization must also review, update, and test the BCP on a regular basis to ensure the backup plans continue to adequately promote the required contingencies that enable the business to operate seamlessly and ensure the safety of employees, customers, and partners, as well as security of data and assets.

MMS, for instance, is certified to ISO 9001, ISO 27001, and Privacy Shield, and our integrated management system is built on the ITIL and ISO framework. The organizational requirements to achieve these certifications have proven to be a key component to the success of the MMS BCP during the COVID-19 pandemic, allowing us to continue providing valuable services to our clients without interruption.

While certifications are not required to implement a successful BCP, the concepts behind these standards can help ensure critical BCP elements are appropriately accounted for, such as:

  • redundancy for key staff and systems;
  • data recovery, back-up, and access;
  • alternative methods of communication with colleagues, clients, and partners;
  • an alternative workspace or ability to transition into a remote workplace;
  • continuous review of risks & opportunities, and;
  • any location-specific requirements that need to be addressed.

Communication is Key

Once business continuity planning is complete, ensure that BCP policies and procedures are shared with applicable team members. Annual training is recommended to ensure continued awareness of these critical procedures. It is also important to ensure that electronic and paper copies are available in multiple systems and locations respectively to allow for access in a variety of scenarios.

Create a Business Continuity & Disaster Recovery Team, or a few key stakeholders, who will be responsible for acting on the plan when the need arises and for regular testing and review of the BCP. Ensure the team member contact information is accurate and available in the BCP and when possible, establish multiple alternative communication methods and meeting locations.

At the start of the COVID-19 pandemic, the MMS Business Continuity & Disaster Recovery Team, with representatives from senior leadership, quality assurance, IT, and HR, met daily to discuss and address the rapidly changing situation. Within the first day the BCP was launched, the team began implementing the required preparations to transition the entire global staff to work from home.

The team was ready to meet this demand before local officials implemented these requirements, allowing for a truly seamless transition to a fully remote workplace. Our HR team communicated to global colleagues early and often ensuring awareness of the BCP, alternative communication methods should they be needed, and most importantly, addressing the health and safety of employees and their families.

Ongoing assessments

Business continuity planning is not a one-time exercise, it is an ongoing assessment of core business elements, ensuring appropriate backup plans are in place to prevent business disruption. Focusing on the people, processes, and tools that are critical to business operations to ensure preparedness even in unprecedented times is key. All companies should communicate the BCP on a regular basis, and when disruption occurs and the BCP is implemented, communicate early and often to ensure effectiveness of the BCP and transparency to all stakeholders.

About the author

Jessica Alamdari, CMQ-OE is Manager of Operational Quality at MMS Holdings. With 15 years of quality expertise, Jessica is a Certified Manager of Quality and Organizational Excellence and a Certified Data Protection Officer. Connect with Jessica on LinkedIn.

Suggested For You

perspectives

January 29th, 2024

FDA Draft Guidance on Demonstrating Substantial Evidence Shines a Light on Confirmatory Evidence in Clinical Trials

perspectives

January 10th, 2024

Change Management and Preparing for Computerized System Audits is Critical to Ensure Positive Regulatory Inspections

perspectives

January 4th, 2024

Computer System Validation Needs Greater Attention When Preparing for an FDA Inspection

perspectives

November 30th, 2023

Good Laboratory Practice (GLP): A Validation Approach

perspectives

November 23rd, 2023

Meet These Four Expectations When Shifting SOPs in the Pharmaceutical Industry into Electronic Format

perspectives

November 21st, 2023

Quality in Clinical Trials Should be Owned by All Departments: Here’s Why

perspectives

October 31st, 2023

Computerised Systems and Electronic Data in Clinical Trials: New Guidelines and How to Reduce Risk

perspectives

October 19th, 2023

Corrective Action and Preventive Action (CAPA) Adoption for Massive Internal Improvements

perspectives

June 12th, 2023

The Role of Quality Assurance in Outsourcing: Ensuring Regulatory Compliance and Quality

perspectives

May 15th, 2023

Impact of ICH E6(R3) on the Future of Clinical Trials: What You Need to Know

perspectives

May 10th, 2023

Preparing for a GxP Audit Interview: Tips and Considerations for Auditors and Auditees

perspectives

April 14th, 2023

A Comprehensive Guide to Preparing for a Successful Good Laboratory Practice (GLP) Inspection