Post-event reviews: Using a quantitative approach for analysing incident response to demonstrate the value of business continuity programmes and increase planning efficiency

Abstract

Business continuity management is often thought of as a proactive planning process for minimising impact from large-scale incidents and disasters. While this is true, and it is critical to plan for the worst, consistently validating plan effectiveness against smaller disruptions can enable an organisation to gain key insights about its business continuity readiness, drive programme improvements, reduce costs and provide an opportunity to quantitatively demonstrate the value of the programme to management. This paper describes a post mortem framework which is used as a continuous improvement mechanism for tracking, reviewing and learning from real-world events at Microsoft Customer Service & Support. This approach was developed and adopted because conducting regular business continuity exercises proved difficult and expensive in a complex and distributed operations environment with high availability requirements. Using a quantitative approach to measure response to incidents, and categorising outcomes based on such responses, enables business continuity teams to provide data-driven insights to leadership, change perceptions of incident root cause, and instil a higher level of confidence towards disaster response readiness and incident management. The scope of the framework discussed here is specific to reviewing and driving improvements from operational incidents. However, the concept can be extended to learning and evolving readiness plans for other types of incidents.