BCP Webinar - December 2025

Watch or rewatch a webinar that we hosted in December 2025 in which we shared our experiences and the tools that we have developed to streamline the BCP development process.

The following recap was generated by AI.

  • Challenges in Business Continuity Planning for Municipalities: Ben Perry and Gary Walker discussed the increasing need for business continuity plans in municipalities, highlighting common challenges such as outdated plans, lack of ownership, and time constraints, with input from session participants via polls.

    • Legislative Drivers: Ben explained that new legislation, such as BC's Emergency and Disaster Management Act, is pushing municipalities to adopt business continuity plans, emphasizing the importance of restoring essential services quickly after disruptions.

    • Common Obstacles: Gary described frequent issues faced by municipalities, including outdated plans, lack of departmental ownership, reliance on IT to drive BCP, and infrequent updates due to competing priorities and limited time.

    • Poll Results on BCP Status: Ben shared poll results showing that 53% of attendees do not have an up-to-date, active business continuity plan, and 77% cited lack of time as the main barrier to progress.

    • Ownership and Collaboration: Gary emphasized that business units, not just IT, must own and update their continuity plans, and that collaboration between IT and business departments is essential for defining realistic recovery time objectives (RTOs) and recovery point objectives (RPOs).

  • Streamlined Business Continuity Planning with Encased IT Portal: Gary Walker presented the encasedIT portal developed by Perry Group, detailing its features for managing business continuity, risk assessments, application catalogs, and integration with cybersecurity frameworks, designed to simplify and update BCP processes for clients.

    • Portal Overview: Gary described the encasedIT portal as a comprehensive tool for IT strategy, business continuity, and cybersecurity, including modules for NIST CSF, ISO, CIS 18, and SFIA skills management, all accessible via a unified dashboard.

    • Application and System Catalog: The portal allows users to upload and manage a complete catalog of applications and systems, integrating this data with business continuity planning to ensure accurate mapping of dependencies and critical services.

    • Automated Risk and Maturity Assessments: Gary explained that the portal supports custom risk assessments based on frameworks like ITIL and NIST, providing dynamic graphs and a universal risk register to track and manage risks across business continuity and cybersecurity programs.

    • Departmental Ownership and Easy Updates: Departments can manage their own BCPs through a simplified interface, with features for updating recovery objectives, team action plans, and contacts, enabling micro-updates and annual reviews with minimal effort.

    • Integration with Cybersecurity and Recovery Playbooks: The portal integrates business continuity with cybersecurity assessments and supports creation of recovery playbooks and functional disaster recovery tests, linking procedures directly to system catalogs and facilitating tabletop exercises.

  • Defining and Validating Recovery Objectives: Gary Walker explained the process for defining and validating recovery time objectives (RTOs) and recovery point objectives (RPOs) using the portal's algorithm and collaborative sessions with departments, ensuring realistic and customized targets for each service.

    • Algorithm-Based RTO Calculation: Gary demonstrated how the portal uses an algorithm based on DRE best practices to calculate RTOs, allowing departments to adjust criticality ratings and see immediate impacts on recovery objectives.

    • Validation Sessions: Departments participate in validation sessions to review and refine their RTOs, with the portal providing customizable financial thresholds and impact details to guide decision-making.

    • Separation of Primary and Secondary IT Services: The system distinguishes between primary and secondary IT services required for each business function, helping drive accurate disaster recovery planning and resource allocation.

  • Facility and Incident Management in Business Continuity: Ben Perry and Gary Walker discussed the portal's capabilities for tracking facilities, managing incidents, and dynamically assessing the impact of disruptions on services and technology, including integration with ITSM systems.

    • Facility Tracking: The portal enables users to list all service delivery locations, such as fire halls and community centers, and link them to the services provided, supporting facility-based continuity planning.

    • Incident Management Integration: Gary described how the portal can integrate with ITSM systems like ServiceNow to manage incidents, automatically identifying affected locations, services, and technologies in real time.

  • Role of Emergency Management and IT in BCP Ownership: Ben Perry and Gary Walker clarified the evolving roles of IT and Emergency Management in leading business continuity planning, advocating for shared ownership and collaboration, with business units defining recovery objectives and IT facilitating technology solutions.

    • Shift from IT to Emergency Management: Gary noted a shift from IT-led BCPs to greater involvement by Emergency Management, especially in fire departments, with IT supporting disaster recovery components.

    • Defining RTOs and Data Retention: Gary emphasized that business units must define RTOs and data retention policies, as IT cannot accurately determine criticality without input from service owners.

  • Action Plan and Best Practices for BCP Implementation: Gary Walker concluded with recommendations for effective BCP implementation, including identifying department owners, standardizing BIAs, enabling micro-updates, ensuring executive visibility, and integrating cybersecurity for organizational resilience.

    • Ownership and Standardization: Gary advised organizations to identify BCP champions, standardize business impact analyses, and ensure clear roles and consistent templates for structured continuity planning.

    • Micro-Updates and Executive Visibility: He recommended moving beyond annual updates to allow for micro-updates as needed, and using scorecards and graphs to provide executives with visibility into program maturity and status.

    • Integration with Cybersecurity: Gary highlighted the importance of integrating BCP with cybersecurity frameworks like NIST and ISO, using the portal's features to support resilience and maturity assessments.

  • Migration of Existing BCPs to Encased IT: Ben Perry and Gary Walker explained that existing BCP plans and spreadsheets can be easily uploaded into the Encased IT portal, allowing organizations to modernize and maintain their continuity programs without starting from scratch.

    • Uploading Existing Plans: Gary described the process of importing legacy BCP documents and spreadsheets into the portal, streamlining the transition and enabling ongoing management and updates.