There is no such thing as a risk-free operating environment. The recent natural disasters in Burma and China, and smaller-scale interruptions such as power cuts or flooding, serve as a reminder of the need to plan for the unexpected.

Ernst & Young’s 2008 IT Internal Audit survey found that executives listed business continuity threats as the third most important risk facing their organisations. And the threats posed to day-to-day operations by disasters – man-made and natural – have become all the more real, as organisations rely on sophisticated IT and telecommunications, often coupled with outsourced business processes.