But often the UN has to deal with cases of extreme complexity. In 2010 its headquarters in Port-au-Prince, Haiti, were completely devastated by the earthquake that flattened the already impoverished country, threatening the ability of the body to help with the rescue and reconstruction efforts.

UN buildings have been the target of bomb attacks in Iraq, Afghanistan and more recently, in Nigeria. The organisation often has to provide aid in countries where the usual logistic channels are disrupted by catastrophes or violent conflicts.

“We plan for all the things that we need to work to be not there. And then we ask what do we do?” Mr Gray said.
In his view it is important to carefully design emergency procedures that bring all the people involved together. Even small routine tasks should be taken into consideration.

“You need to have a plan that allows for all the simple and routine tasks to be back in place. When a large event happens you do not have time to think of the little things,” he pointed out.

Mr Gray emphasised that everybody within an organisation needs to know what to do in an emergency.

In this sense, he said, business continuity amounts to strategic planning that aims to promote changes of behaviour.

People must be trained so that when an incident takes place they automatically change the way they think.

But that is not an easy job as staff tend to ignore the importance of time-consuming preparation even in places where the level of risk is high. “At first business continuity professionals are seen as vacuum cleaner salespeople,” he joked.

Once the message hits home, however, the perception changes completely, as those likely to suffer from the disruption understand the importance of being properly prepared.

A common mistake made by large organisations is the adoption of a programme approach to business continuity plans. In other words, several initiatives are created to deal with specific problems, under the responsibility of different units.

Mr Gray said that such an approach creates problems as it results in many units working by themselves on overlapping issues. In the UN management has made an effort to streamline such processes, he said.

The UN has recently learned that social media technologies can be a powerful tool for business continuity managers. In recent cases they have enabled the organisation to increase its ability to deliver aid.

Mr Gray said that ISO 31000 can be a useful tool for business continuity plans as it helps different parts of a company to speak the same language.

But other participants in the debate were less enthusiastic about the relevance of the standard to business continuity management.

Lyndon Bird, Technical Development Director at the Business Continuity Institute, BCI, told the audience that a specific standard, ISO 22301, has just been launched to help implement business continuity management systems.

Mr Bird complained that the sheer proliferation of standards is actually making the life of business continuity professionals more difficult. “There are so many BCM standards that it confuses the world,” he said. “They confuse me and I do this for a living.”

Mr Bird stressed the differences between risk management and business continuity management.

The former deals better with ‘known knowns’ and non-extreme events and the latter with black swans, or  ‘unknown unknowns’, he argued. Mr Bird suggested that both fields must make an effort to better align their activities.

Please sign up here to our full-time mailing list to ensure that you receive our weekly newsletter.

• More Risk Management News
• More Catastrophe News