“We’re insured, so why do we need a business continuity plan?” is a more common question than you might think, particularly amongst smaller businesses (and some larger ones too, actually). And it’s a reasonable question, if a tad naïve.
Granted, there are a number of insurance options that may help from a business continuity perspective, including business interruption, consequential loss and increased cost of working cover, amongst others. The question is, are they enough to save your business in the event of a major disruption? And the answer is usually a resounding “no”.
Such policies may provide a safety net for your business if things go horribly wrong. But we should bear in mind that insurance only addresses (some of) the financial impacts of some of your risks – it merely provides a pre-defined sum of money in the event that a certain pre-defined risk occurs.
It almost certainly won’t pay out immediately – in fact, experience has shown that insurance can take months, or even years, to pay out and that the claims process is often fraught with difficulties (strangely enough, paying out on claims isn’t the favourite activity for most insurance companies!).
In the meantime, what it won’t do is keep your business operating or protect your cash flow in the short term. It won’t stop your customers going elsewhere or protect your market share. It won’t protect your reputation or replace the goodwill you’ve painstakingly built up, possibly over a period of many years. And it’s a sobering thought that the sums paid out are often less than anticipated, and often don’t actually cover the full value of the losses incurred.
So it’s vital that you clearly understand what your various insurance policies cover and, as importantly, what they don’t, so that you can supplement your risk management strategy with other appropriate mitigation measures, such as a decent business continuity plan.
The appropriate use of insurance is an important weapon in your business continuity and risk management armoury, but it’s a big mistake to view it as the only (or even the main) weapon. It should really be seen as the last line of defence, rather than the first.
Andy Osborne (known as Oz to friends and colleagues) is the Consultancy Director at Acumen, a consultancy practice specialising in business continuity and risk management.
Andy is the author of two books ‘Practical Business Continuity Management‘ and ‘Risk Management Simplified‘ as well as his popular blogs and ‘Tips of the Month’, all of which aim to demystify the subjects of business continuity and risk management and make them more accessible to people who live in the real world.