Skip to main content Skip to navigation

Business Continuity

The basic principle of Business Continuity is to continue to deliver our 'priority activities' in the face of a disruption to the University; whether that be from an ICT failure, severe weather or an infectious disease. The ISO Standard surrounding Business Continuity Management, ISO 22301:2012, defines it as:

 A holistic management process that identifies potential threats and the impacts of those threats (if realised) to business operations. It provides a Framework for building organisational resilience with the capability of an effective response that safeguards the interests of key stakeholders, reputation, brand, and ‘priority activities’.

Business Continuity Planning Cycle

Robust and effective BC management encompasses all of the above stages of the BC Planning Cycle.

The first step is to Analyse what the Priority Activities are for an area. These are the critical functions within an area that must continue and/or be recovered as quickly and as effectively as possible.

The second step is to Design a BC Plan which outlines the aforementioned activities, what they require in order to continue, how they link in with other internal teams and external stakeholders, and what alternatives there are if these activities suffer disruption.

The third step is to Implement the BC Plan. This involves agreeing the BC Plan with key staff members and stakeholders and actively working to embed the plan and its guidance into team culture, understanding and training.

The fourth step is to Validate the BC plan, which is a cyclic, ongoing element. BC Plans are required to be reviewed and tested every 6-12 months, which the Risk & Resilience Team can facilitate. Key staff from the team take part in a scenario-based exercise at least every 12 months to test the BC plan 'in action' and ensure that it is up-to-date and fit for purpose.

Business Continuity Plans

Business Continuity (BC) plans are an essential element of the BC Cycle and of University's Governance and Emergency Planning functions. Departments are required to develop a BC plan to identify how their Priority Activities could be recovered swiftly following an incident. BC Plans help areas to:

  • outline alternative arrangements and potential recovery activities to enable functions to continue to operate and restore their usual levels of service in the event of an incident
  • help inform decision making during and after incidents
  • complement the Risk Management and Incident Management processes

In formulating their BC plan, departments should consider which academic departments or central services they would depend upon to regain full functionality. This could include departments with which they share teaching or research partnerships, or central services such as ITS or Estates. It is also important to consider external stakeholders as well as key suppliers of goods and services.

More generally, it is useful to identify requirements for each activity in terms of:

  • People
  • Processes
  • Technology/ Systems
  • Infrastructure/ Physical requirements

The Risk & Resilience Team encourages you to contact them to discuss business continuity arrangements within your area. The team offers guidance in the form of meetings, workshops and presentations and can develop bespoke scenario-based exercises to focus on the issues that are pertinent to your area. Business Continuity Plan templates are also available on request.

If you would like to discuss this further, please contact Chris Griffin, Interim Head of Risk and Resilience and Kimberly Jebson-Hambly, Risk and Resilience Manager or email

Additional Guidance

The University is committed to Business Continuity Planning as part of its on-going emergency planning processes and is a member of HEBCoN (Higher Education Business Continuity Network).

Further information can be found on the following websites:

The Business Continuity Institute

Government advice on Business Continuity 

Approaches to Business Continuity in Universities