Download our app
You can pay in cheques, transfer money, and do much more, all from your mobile.
Risks to your business can be unpredictable and they don’t just affect big companies. A hacked laptop or local power cut can disrupt smaller businesses too. The good news? With a business continuity plan, you’ll be better prepared to handle whatever comes your way. This guide explains why it matters and how to create a plan that works for you.
Read time: 8 mins Added: 03/10/25
A business continuity plan can provide a backup operational structure to get you through an unexpected crisis.
It can help you:
Contingency planning can also protect your reputation if events take a turn for the worse. By responding promptly, you can reassure everyone that you are in control, your core business operations will continue, as will your communication with customers, the media and other stakeholders.
The benefits don’t end there. If your business is part of a supply chain, effective contingency planning is a competitive advantage.
You need to identify different types of risk as you create your contingency plans. Consider these risks and examples specific to your business:
Categorise your key facilities and processes, and prioritise recovery plans for those operations that are key to your business.
Make a list of all the people and organisations you will need to contact in the event of a serious incident. Include names and contact details of staff, customers and the following suppliers:
Ideally, this list should be cloud-based or accessible off-site.
Cyber attacks and other IT outages present a major threat to most businesses. Malicious attackers can cripple systems with ransomware until payment is received. Or hackers can steal card details from the online forms your customers complete.
Cyber insurer Coalition recently claimed that smaller businesses have become bigger targets for cyber attacks. Additionally, a recent Government report highlights that UK companies have lost approximately £44 billion (around $55 billion) over the past five years. This averages out to nearly £9 billion per year due to cyber attacks.
For all these reasons, you need a separate continuity plan template for your IT systems. In particular, you need to make sure you can securely back up and run your systems off-site, if necessary. Other steps you can take include:
Learn more about cyber risk and what you can do to protect yourself on our Lloyds Cyber Risk hub. You’ll find plenty of insight and practical guidance to help you avoid or limit the impact of cyber attacks.
Cyber Insurance can provide cover if your IT systems suffer a data breach or a cyber-attack. It could reimburse you for:
Your continuity plan should cover several stages:
For each stage, focus on what you will need to do at that point considering the following:
Set out the order in which business functions will be resumed and who will be responsible in each case. You may need specific recovery plans for different functions, such as the main office, IT and key staff.
These can range from getting in touch with staff to briefing the press. Nominate a spokesperson in case the incident is newsworthy. Reinforcing confidence in your recovery is essential to managing major incidents.
Make sure your plan is fully documented and agreed upon so everyone can return to normal promptly. It should align with your strategy and objectives and be correctly focused and credible.
Following any business continuity incident:
Even if you are lucky enough to avoid any disruption, your plan still needs to be tested and reviewed regularly:
Store copies of your plans away from the workplace to keep them safe. Make sure they stay up to date, note any new risks and keep contact details updated. For example, if major legislation changes affect your business, update your plans accordingly.
When getting your business back on track after an incident, it helps to be insured against the major threats – from building damage to the loss of key staff.