• Menu
  • Skip to right header navigation
  • Skip to main content
  • Skip to secondary navigation
  • Skip to primary sidebar
  • Skip to footer

Before Header

About Us | Articles | Free Resources | Podcast | YouTube Channel

Contact Us Subscribe

Bryghtpath

Business Continuity and Crisis Management Consultants

  • Start
        • Start your Resilience Journey

          Moving your organization – or your career – forward on your resilience journey can be a difficult and scary proposition.  Often, we find that prospective clients aren’t quite sure where to start.

          To help you along your journey, we’ve outlined below four curated collections geared towards momentum-building action and advice perfectly paired with your organization’s current stage of resilience.

        • I want to learn more about Resilience

        • We’re just getting started with our resilience program

        • We’re seeking to optimize & mature our resilience program

        • I’m a Resilience Professional seeking to further develop my skills

  • Company
        • About Bryghtpath

        • Our Core Values

        • Meet our Team

        • About Bryghtpath
          • Case Studies & Results
          • Certifications and Awards
          • Contact Bryghtpath
          • Contract Vehicles
          • Media & Professional Appearances
          • Our Clients
          • Our Proven Process
          • Security & Compliance
          • Strategic Partners
          • Work with Us
  • Capabilities
        • Our Capabilities
        • We help your organization strategically navigate uncertainty and disruption.

        • Case Studies & Results

        • Business Continuity as a Service

        • Business Continuity
          • Business Continuity - Overview
          • Business Continuity as a Service (BCaaS)
          • Business Continuity Software
          • Coaching
          • IT Disaster Recovery
          • Resiliency Diagnosis®️
        • Crisis Management
          • Crisis Management - Overview
          • Crisis Communications
          • Crisis Exercises
          • Cyber Crisis Exercises
          • Cyber Incident Response Planning
          • Crisis Playbook®️
          • Global Security Operations Center (GSOC)
          • Resiliency Diagnosis®️
        • Other Capabilities
          • Intelligence & Global Security Consulting
          • Speaking
          • Training
  • Courses & Training
        • Courses & Training

          We’ve created a number of free and premium courses that have helped thousands improve their skills, build more resilient organizations, and lead through organizations through difficult critical moments successfully.

        • Coaching
          • 1-on-1 Coaching Call
          • Private Backchannel
          • Private Coaching Program
        • Free Intro Courses
          • Overview
          • Business Continuity 101
          • Crisis Communications 101
          • Crisis Management 101
        • Premium Courses
          • Overview
          • Custom Training
          • 5-Day Business Continuity Accelerator
          • Communicating in the Critical Moment
          • Crisis Management Academy®️
          • Preparing for Careers in Resilience
  • Expertise
        • Our Expertise
        • Here at Bryghtpath, in our core values, we state that we are humbly confident in our resiliency expertise.

          We write, publish, speak, and train others constantly – striving to share our thought leadership publicly to advance our industry and exercise our curiosity by interacting with other leaders in our practice domains.

        • Ultimate Guide to Business Continuity

        • Ultimate Guide to Crisis Management

        • Case Studies & Results

        • Free Resources & Frameworks
          • Overview - Free Resources
          • Bryghtpath Frameworks
            • Bryghtpath Business Continuity Lifecycle
            • Bryghtpath Crisis Management Framework
            • Bryghtpath Exercise Maturity Model
            • Bryghtpath Global Security Framework
            • Bryghtpath Long-Term Recovery Framework
            • Bryghtpath Professional Reading List
            • Bryghtpath Workplace Violence & Threat Management Toolkit
          • Resiliency Professionals Facebook Group
          • Resource Library
          • Webinars & Videos
          • Whitepapers & Reports
        • Our Thoughts & Insights
          • Articles
          • Lead Through Disruption. Stay Ahead with Bryghtpath.
          • Managing Uncertainty Podcast
          • Media & Professional Appearances
          • YouTube Channel
        • Whitepapers & Reports
          • Global Security Operations Centers & Resilience
          • Managing the Whole Crisis: The Ransomware Challenge
          • Mastering Uncertainty: Strengthening Organizational Resilience
          • Social Activism Campaigns
          • The Resilience Roadmap: 250 Ways to Fortify your Business against Disruption
  • Industries
        • Our Industry Expertise

          Bryghtpath has extensive experience in a number of industries working with clients of all sizes, geographical locations, and business models. As a team, we possess, deep global operating experience on every continent around the world.

        • Industries Overview

        • Case Studies

        • Start your Journey

        • Education

          Education Icon
        • Finance

          Financial Services 800x800
        • Government

          Government Icon
        • Healthcare

          Healthcare Icon 800x800
        • Hospitality & Leisure

          Hospitality & Leisure Industry Icon 800x800
        • Life Sciences

          Life Sciences 800x800
        • Logistics

          Transportation & Logistics Industry Icon 800x800
        • Manufacturing

          Manufacturing Industry Icon 800x800
        • Non-Profits

          Non-Profit Industry Icon 800x800
        • Retail

          Retail Industry Icon 800x800
        • Tech & Media

          Communications Industry Icon 800x800
        • Utilities

          Power & Utilities Icon
  • Products
        • Our Products

          College Classroom - Mature Teacher
        • Crisis Playbook™️

        • Exercise in a Box™️

        • Exercise in a Day™️

        • Books
          • From Panic to Poise: Crisis Management in the Modern World
          • The Continuity Code: Mastering Business Resilience
        • Crisis Playbook™️
          • Overview
          • Active Shooter Plan
          • Emergency Response Guide
          • Fatality
          • Food/Product Recall
          • Protest
          • Violent Attack
        • Maturity Models
          • Overview
          • ASIS Workplace Violence and Active Assailant
          • FFEIC Maturity Model – Business Continuity
          • ISO 22301 – Business Continuity
          • ISO 22361 – Crisis Management
          • ISO 27031 - IT Disaster Recovery
          • NIST 800-53 Contingency Planning Maturity Model
        • Templates & More
          • After-Action Process & Templates
          • Awareness Collateral
          • Business Continuity Plan Templates
          • Crisis Management Plan Templates
          • Disaster Recovery Plan Templates
          • Job Descriptions
  •  

Mobile Menu

  • Start
  • Company
    • About Bryghtpath
      • Case Studies & Results
      • Certifications and Awards
      • Contact Bryghtpath
      • Contract Vehicles
      • Media & Professional Appearances
      • Our Clients
      • Our Proven Process
      • Security & Compliance
      • Strategic Partners
      • Work with Us
  • Capabilities
    • Our Capabilities
    • Business Continuity
      • Business Continuity – Overview
      • Business Continuity as a Service (BCaaS)
      • Business Continuity Software
      • Coaching
      • IT Disaster Recovery
      • Resiliency Diagnosis®️
    • Crisis Management
      • Crisis Management – Overview
      • Crisis Communications
      • Crisis Exercises
      • Cyber Crisis Exercises
      • Cyber Incident Response Planning
      • Crisis Playbook®️
      • Global Security Operations Center (GSOC)
      • Resiliency Diagnosis®️
    • Other Capabilities
      • Intelligence & Global Security Consulting
      • Speaking
      • Training
  • Courses & Training
    • Coaching
      • 1-on-1 Coaching Call
      • Private Backchannel
      • Private Coaching Program
    • Free Intro Courses
      • Overview
      • Business Continuity 101
      • Crisis Communications 101
      • Crisis Management 101
    • Premium Courses
      • Overview
      • Custom Training
      • 5-Day Business Continuity Accelerator
      • Communicating in the Critical Moment
      • Crisis Management Academy®️
      • Preparing for Careers in Resilience
  • Expertise
    • Our Expertise
    • Our Thoughts & Insights
      • Articles
      • Lead Through Disruption. Stay Ahead with Bryghtpath.
      • Managing Uncertainty Podcast
      • Media & Professional Appearances
      • YouTube Channel
    • Free Resources & Frameworks
      • Overview – Free Resources
      • Bryghtpath Frameworks
        • Bryghtpath Business Continuity Lifecycle
        • Bryghtpath Crisis Management Framework
        • Bryghtpath Exercise Maturity Model
        • Bryghtpath Global Security Framework
        • Bryghtpath Long-Term Recovery Framework
        • Bryghtpath Professional Reading List
        • Bryghtpath Workplace Violence & Threat Management Toolkit
      • Resiliency Professionals Facebook Group
      • Resource Library
      • Webinars & Videos
      • Whitepapers & Reports
    • Whitepapers & Reports
      • Global Security Operations Centers & Resilience
      • Managing the Whole Crisis: The Ransomware Challenge
      • Mastering Uncertainty: Strengthening Organizational Resilience
      • Social Activism Campaigns
      • The Resilience Roadmap: 250 Ways to Fortify your Business against Disruption
  • Industries
  • Products
    • Books
      • From Panic to Poise: Crisis Management in the Modern World
      • The Continuity Code: Mastering Business Resilience
    • Crisis Playbook™️
      • Overview
      • Active Shooter Plan
      • Emergency Response Guide
      • Fatality
      • Food/Product Recall
      • Protest
      • Violent Attack
    • Maturity Models
      • Overview
      • ASIS Workplace Violence and Active Assailant
      • FFEIC Maturity Model – Business Continuity
      • ISO 22301 – Business Continuity
      • ISO 22361 – Crisis Management
      • ISO 27031 – IT Disaster Recovery
      • NIST 800-53 Contingency Planning Maturity Model
    • Templates & More
      • After-Action Process & Templates
      • Awareness Collateral
      • Business Continuity Plan Templates
      • Crisis Management Plan Templates
      • Disaster Recovery Plan Templates
      • Job Descriptions
  •  

Plan-Do-Check-Act and your Business Continuity Program

You are here: Home / Business Continuity / Plan-Do-Check-Act and your Business Continuity Program

September 16, 2021 By //  by Bryan Strawser

Let’s talk about the law of aggregate marginal gains.

As the theory goes, many tiny improvements add up to huge wins over time.

In the case of the British Cycling Team, the accumulation of tiny improvements like improved handwashing, new massage gels and pillows, and tweaks to bike ergonomics were credited for the team’s wildly successful performance at the 2012 Tour de France and London Olympics.

For the rest of us, a more practical example of the theory in action might be parking at the end of the parking lot, taking the stairs, and skipping dessert to shed a few more pounds over the course of a year. Or if savings are the goal, ditching your drive-through coffee each morning, packing your lunch, and collecting your change can quickly propel your savings efforts into appreciable gains.

In theory, the law of aggregate marginal gains seems like a foolproof and nearly effortless way to accomplish big things.

So how is it then that the average 20-something has less than $10,000 in their retirement savings?

And am I the only one with a step-tracking smart-watch who has yet to fit back into my size 34 jeans from college?

Why Your Business Continuity Program Needs Plan-Do-Check-Act

There are endless explanations for why we humans find it so hard to make progress towards our goals—whether it be losing weight, saving money, or making strides in our business.

When it comes to organizational resiliency, one of the most common problems I see is not having a good system for implementing and improving your business continuity program.

Ad hoc efforts usually lead to ad hoc results. Opportunities for improvement slip through the cracks and your program quietly and unimpressively manages to subsist. Not exactly your dream scenario.

Especially considering the ramifications of being unprepared for the next disruption.

Meaningful improvements—whether to your waist size, your resiliency, or your bottom line—require a proven methodology to evaluate what’s working and what’s not. And to ensure that you’re making consistent efforts towards those improvements over time.

If your business continuity program doesn’t already have a system in place to do this, the Plan-Do-Check-Act model is a good place to start.

Want to learn more about Business Continuity?

Our Ultimate Guide to Business Continuity contains everything you need to know about business continuity.

You’ll learn what it is, why it’s important to your organization, how to develop a business continuity program, how to establish roles & responsibilities for your program, how to get buy-in from your executives, how to execute your Business Impact Analysis (BIA) and Business Continuity Plans, and how to integrate with your Crisis Management strategy.

We’ll also provide some perspectives on how to get help with your program and where to go to learn more about Business Continuity.

Read our Ultimate Guide to Business Continuity

What is Plan-Do-Check-Act?

The Plan-Do-Check-Act (PDCA) model is a highly effective and proven approach for implementing, maintaining, and maturing a business continuity program, or any program for that matter.

In early iterations, the PDCA model was referred to as the Deming-Shewhart cycle (named for its creators) and today is part of the foundational theory that undergirds Lean Six Sigma, Kaizen, ISO standards, and other systems for quality management and improvement.

So if your organization already has a process for establishing and maintaining your programs, it likely shares many similarities to the Plan-Do-Check-Act model or is loosely based on the PDCA methodology.  Whatever your experience, you’ve likely heard of Plan-Do-Check-Act before, or at least seen it in practice.

But what exactly is Plan-Do-Check-Act and how can it help your organization better achieve its resiliency goals?

The PDCA model is based on a four-step closed-loop cycle that is used to improve a process or project over time. The steps, in short, are as follows:

  • Plan: Establish your objectives, processes, procedures, and resources
  • Do: Implement and operate your program or project as informed by your plan
  • Check: Gather data and evaluate the outcomes from the “do” phase
  • Act: Use insights from the “check” phase to identify corrective and preventive actions and drive continuous improvement over time

The PDCA process is continuous, rather than focused on a discrete endpoint.  The result is an upwards spiral of continuous program and project improvement that has the potential to bring tremendous gains when applied consistently and correctly. Nike and Toyota are but two commonly cited examples of organizations that have used the PDCA model with much success.

plan-do-check-act-picture-id1147287903-550x413 Plan-Do-Check-Act and your Business Continuity Program

How Does Plan-Do-Check-Act Relate to ISO 22301?

In 2012, the International Standards Organization (ISO) implemented a new harmonized structure for developing management system standards, or Annex SL. Steps 4-10 of the Annex SL framework were specifically designed to incorporate the key elements of the PDCA cycle.

Many of the current ISO standards, including ISO 22301:2019 for Business Continuity Management, have since been revised to incorporate the new Annex SL structure. As a result, the PDCA model heavily informs the current international standard and best practice framework for business continuity management.

The diagram below illustrates how the components of ISO 22301:2019 correlate with the PDCA cycle.

Plan-Do-Check-Act ISO 22301:2019
Plan: Establish Clause 4—Context of the organization

  • Identify internal and external drivers, including legal and regulatory requirements, and the needs and expectations of all stakeholders.
  • Determine plan scope.

Clause 5—Leadership

  • Determine how top management will demonstrate its leadership and commitment to the business continuity program.
  • Establish and communicate the business continuity policy.
  • Assign program roles and responsibilities and determine how business continuity performance will be reported to top management.

Clause 6—Planning

  • Define strategic and mission-critical objectives in consideration of both external and internal drivers.
  • Determine risk tolerance and risk acceptance, and how risks and opportunities will be handled.
  • Determine required resources, responsibilities, timelines, and how results will be evaluated.

Clause 7—Support

  • Identify training and communications requirements.
  • Establish plans for documenting, maintaining, and controlling the business continuity management system.
Do: Implement and operate Clause 8—Operation

  • Plan, implement and document the business continuity program. This includes:
  • Conducting the Business Impact Analysis (BIA) and Risk Assessment
  • Identifying, selecting, and implementing appropriate business continuity strategies and solutions
  • Creating response and communication structures
  • Developing and testing business continuity plans and procedures
Check: Monitor and review Clause 9—Performance evaluation

  • Determine how, when, and by whom the program will be monitored, measured, and evaluated.
  • Conduct internal audits and determine how top management will regularly review business continuity program progress and effectiveness.
Act: Maintain and improve Clause 10—Evaluate and improve

  • Determine opportunities for improvement and take appropriate corrective actions as part of the continual improvement process.

How Plan-Do-Check-Act Can Improve Your Organizational Resilience

The first and most obvious benefit of utilizing the PDCA model is having an effective and proven method for evaluating and improving your company’s business continuity program. Still, there are many other ways that PDCA can add value to your business continuity planning efforts.

Alignment

If you want the support of the C-Suite and board, you need to understand their perspective and align the activities of your business continuity program to your organization’s overarching objectives.

  • What are your company’s mission, vision, and strategic objectives?
  • What initiatives are most important right now?
  • What are the external drivers that most influence your company’s operations?
  • What products and services are you trying to protect and what is the likely impact of a disruption?

Using the PDCA model helps ensure your business continuity program aligns with other top-level management structures and utilizes a common language and standards that are familiar to your company’s executive and leadership team. As a result, you can better communicate how your business continuity program helps the company meet its overarching objectives and secure more internal support and resources for your program.

Engagement

It’s one thing to get board and executive buy-in on your business continuity program but quite another to have them actively engaged in the process (at least at a high level).

Executive management and leadership play a key role in program improvement under the PDCA model. As a result, utilizing the PDCA cycle can help ensure decision-makers are in the know and exercising proper oversight over your business continuity planning efforts. It can also help open new channels for governance conversations between your organization’s leaders and those directly responsible for and impacted by your business continuity plans.

Compliance

Applying a PDCA model to business continuity planning ensures your business continuity program aligns with global standards.  This can help streamline the external audit and inspection process.

Modeling the PDCA approach outlined in ISO 22301 also ensures that relevant legal and compliance obligations are adequately addressed by your resiliency plan.

Best Practices for Applying Plan-Do-Check-Act to Your Business Continuity Program

Many consultants take a standardized approach to helping their clients implement or improve their business continuity planning program. This often involves a line-by-line cross-reference of the ISO 22301 standards against the company’s existing practices and procedures and creating a line-item list of gaps that need to be addressed.

We don’t do that at Bryghtpath.  And here’s why.

Every company has its own unique culture, which informs everything from how you communicate and work together to how you make decisions.

And every company is at a different point on its path to resiliency.  Many companies have already organically built many of the capabilities embodied in the PDCA model and simply need to integrate them into a more structured program. Others are starting from the very beginning.

Likewise, every company has different resources and risk tolerances that inform their business continuity planning investment.

That’s why our best advice to anyone considering how the Plan-Do-Check-Act cycle can improve their business continuity program is to find a consultant who appreciates the science behind the PDCA model—but also appreciates the need for its artful application to your business’s particular resiliency needs.

Conclusion

The Plan-Do-Check-Act cycle is a highly effective and proven approach for implementing, maintaining, and maturing a business continuity program. And having a better understanding of the PDCA model can positively inform your approach no matter where your business is on its business continuity planning journey.

At Brygthpath, we can help you understand how your resiliency efforts line up with the PDCA model and prioritize your next best steps for improving your business continuity program. Learn more about our approach to Business Continuity in our Ultimate Guide to Business Continuity and then contact us today.

Category: Business ContinuityTag: Bryan Strawser, bryghtpath, bryghtpath llc, Business Continuity, business continuity consultant, business continuity management, Deming Cycle, iso 22301, PDCA, PDCA Cycle, Plan Do Check Act

About Bryan Strawser

Bryan Strawser is Founder, Principal, and Chief Executive at Bryghtpath LLC, a strategic advisory firm he founded in 2014. He has more than twenty-five years of experience in the areas of, business continuity, disaster recovery, crisis management, enterprise risk, intelligence, and crisis communications.

At Bryghtpath, Bryan leads a team of experts that offer strategic counsel and support to the world’s leading brands, public sector agencies, and nonprofit organizations to strategically navigate uncertainty and disruption.

Learn more about Bryan at this link.

Previous Post: « 3 Key Metrics for Business Continuity Program Success
Next Post: Business Continuity Standards: How each can help you »

Footer

Contact

BRYGHTPATH LLC
+1.612.235.6435

PO Box 131416
Saint Paul, MN 55113
USA


contact@bryghtpath.com

  • Facebook
  • LinkedIn
  • RSS
  • Twitter
  • YouTube

Our Capabilities

  • Business Continuity
    • Business Continuity as a Service (BCaaS)
    • Business Continuity Software
    • Coaching
    • IT Disaster Recovery Consulting Services
    • Resiliency Diagnosis®️
  • Crisis Communications
  • Crisis Management
    • Crisis Exercises
    • Cyber Crisis Exercises
    • Cyber Incident Response Planning
    • Global Security Operations Center (GSOC)
  • Speaking
  • Training

Our Free Courses

Business Continuity 101

Crisis Communications 101

Crisis Management 101

Our Premium Courses

5-Day Business Continuity Accelerator

Communicating in the Critical Moment

Crisis Management Academy®️

Preparing for Careers in Resilience

Our Products

After-Action Templates

Books

Business Continuity Plan Templates

Communications & Awareness Collateral Packages

Crisis Plan Templates

Crisis Playbook®

Disaster Recovery Templates

Exercise in a Box®

Exercise in a Day®

Maturity Models

Ready-Made Crisis Plans

Resilience Job Descriptions

Pre-made Processes & Templates

Site Footer

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.


Bryghtpath®, Crisis Management Academy®, Crisis Playbook®, Exercise in a Box®, Exercise in a Day®, Resiliency Diagnosis®, Resilience Operating Model™
and their respective logos are registered trademarks of Bryghtpath LLC in the United States and other countries.


About Bryghtpath LLC | Disclaimer | Privacy | Status Page | Terms of Use

Proudly powered by Mai Theme, the Genesis Framework, and Wordpress.