The Board of Directors Should Be Involved in a BCP. . .
- Published on Wednesday, November 21, 2007
- Written by Dr. Richard Atkins, DDS and Jeff Hoye
Protect the Shareholders
The Directors work for the shareholders. The Directors have been elected (hired) to protect the interests of the shareholders. The President/CEO, in turn, serves at the discretion of the Board.
From a corporate governance standpoint, the selection and retention of a high-quality CEO is the Board’s #1 job. By law, and as spelled out in the organization’s corporate bylaws, the Board is responsible to the shareholders for the safe, sound, and legal operation of the company. To discharge their duties responsibly, the Board has three basic functions to perform. In addition to hiring and firing the President/CEO, they also ensure that strategic plans are formulated, strategic policies are adopted, and strategic goals are targeted. Finally, the Board monitors Management and the organization’s performance. Meeting this challenge requires a Board Member today to:
- maintain awareness of a company’s plans and performance
- sustain a working knowledge of the industry in which they serve, and
- monitor industry trends.
Protect the Employees, Customers and Other Stakeholders
Directors also protect the interests of the employees, customers, and other stakeholders of the organization. It is logical to assume that this mandate also includes the safety, well-being, and continued ability to operate. Any well-performing business executive today will tell you that the best way to enrich and enhance the shareholders in any company is to enrich and enhance the experience of the employees, customers, and others who have a stake in the success of your organization. The business world is becoming to interrelated and too complex not to be worried about how all members of the supply chain fare. As Corporate America grows more sophisticated in its ability to partner with the other members in its supply chain, the ability to continuously operate despite a major business disruption becomes even more critical to success.
Comply with Laws and Regulations
In today’s highly regulated world, Boards are especially sensitive to compliance with laws and regulations. Whereas in the distant past, a Director may have been able to dodge responsibility, should a major problem occur, by claiming ignorance, such is not the case today. A true Business Continuity Program provides the added assurance that every Board member wants in order to feel that they are responsibly representing those for whom they were elected to serve.
It is unacceptable for a company today to not have developed, maintained, reviewed, and tested plans for business continuity in the event of loss of any mission-critical facility and to train staff in the use of these plans. Furthermore, every Board member should also expect that the managers of each support unit and each business unit assess and manage risk on a day-to-day basis and to consider business continuity and risk issues when considering the development of any new product, service or project (see Board Policy adopted by a Board of Directors in January, 2001 on page 30).
One of the greatest struggles for the business continuity professional has been gaining management support for their contingency planning initiatives. Consider starting at the top of the organization? It makes sense to include the board once you understand what falls within their scope of duties and responsibilities. In most, if not all cases, the President is a member of the Board of Directors. As a member of the Board, he or she has the same acute desire / need to represent the shareholders as any other Board member. And best of all, the “management committee” or manager that you try or have been trying to convince directly or indirectly works for the CEO.
Given that the Board is well-served by utilizing a Business Continuity Program to discharge its duties to the shareholders, employees, customers, and other stakeholders of the institution, it’s valuable to involve the Board of Directors in a Business Continuity Program.
1. The Board is responsible for setting policy in the organization. By creating a business continuity policy, the board signals a high-level approval for the Business Continuity Program and helps to empower the project internally.
2. The Board is responsible for planning in order to guide the organization successfully into the future. Good business sense suggests that a Business Continuity Program can be a competitive advantage when placed in a company’s strategic plan. More and more companies are realizing that the creation and maintenance of the relationships with their customers, suppliers, employers and regulatory officials provides synergistic opportunities for growth, enhanced quality and possible joint product or process development. The alternative is to damage the relationship by your inability to continuously operate and thereby introduce threat and fear of loss into the supply-chain interrelationship. This provides an opportunity for your competition to step in and gladly take your place.
3. The Board, by law or through the company’s by-laws, is responsible for the selection and retention of a quality performing CEO as well as the Officers of the company. It is usually these Officers that chair the committees through which most Business Continuity Plans must pass. Rather than view the Officers as those who just want to know “how much something costs,” see them for who they are. They have been hired, with the Board’s consent, to ensure that the very services you wish to provide through a quality Business Continuity Program are so provided. Your challenge is to help them and the rest of the organization understand how your Business Continuity Program benefits the organization’s owners and stakeholders.
The next time you hear someone talking about a Board of Directors and a Business Continuity Program, we hope it’s your company they’re discussing.
BlueCross and BlueShield of Louisiana
Business Continuity Program Policy
“BlueCross and BlueShield of Louisiana is committed to the effective support of its mutual shareholders and requires that robust processes and procedures are adopted. These will apply to all aspects of the operation of the organization. All processes will be administered according to documented procedures, which ensure consistent operation under normal conditions and rapid recovery from abnormal circumstances.
It is the responsibility of the manager of each support department and each business unit to develop, maintain, review and test plans for business continuity in the event of loss of any mission-critical facility and to train staff in the use of these plans. It is equally the responsibility of the manager of each support unit and each business unit to assess and manage risk on a day-to-day basis and to consider business continuity and risk issues when considering the development of any new product, service or project.”
*Approved by the Board of Directors January 16, 2001.
Dr. Richard Atkins, DDS is a practicing dentist in Baton Rouge, Louisiana. He is also the Chairman of the Board for BlueCross and BlueShield of Louisiana.
Jeff Hoye is the managing member for The Baobab Group, LLC. He has worked with over 100 companies providing both planning and project completion services to their Board, CEO, and senior staff. Contact him at firstname.lastname@example.org.
Printed in Fall 2001