When a serious incident occurs in the workplace – on a scale big enough to strike a blow to the critical internal resources of a company – the true measure of business resilience will be the effectiveness of that company’s work health and safety management system (WHSMS) working in conjunction with strong Business Continuity Management (BCM).
BCM is an approach that is distinct but complementary to the WHSMS of a business, because it focuses on critical and catastrophic risks to the business and to people. It is a focused risk management approach for the whole of a business to ensure that when a large incident (either internal or external) occurs that significantly impacts an organisation internally, critical business functions can be restored and/or maintained in a timely fashion.
How do BCM and a WHSMS interact?
Both WHSMSs and BCMs are information intensive and use similar data, particularly in the areas of risk analysis and infectious diseases. To collect this information, management systems require input from all levels of business. As a result an organisation should consider consolidating its efforts in these overlapping areas in order to improve the efficiency of the information gathering process.
In joining these two systems, an WHSMS can be used to support BCM to advise an organisation on appropriate recovery strategies including advising on safe minimum staff numbers and on the suitability of facilities at proposed recovery sites.
The dual use of these management systems identifies potential threats to a business or undertaking and seeks to use this information to better protect workers or people who may be affected by the work of an organisation.
Do your due diligence; What should organisations be doing?
In integrating BCM into a larger WHSMS, companies should be looking towards legislative frameworks and Australian Standards for guidance as it is important that these systems meet legislative and regulatory requirements to ensure that the business or undertaking does not fall foul of its legal obligations. At the minimum, legislation that a person conducting a business or undertaking must consider include the:
- WHS Act 2011;
- Protective Security Framework – June 2010;
- APRA standards CPS231, 232.