Hilary Estall MBCI - How I discovered the world of business continuity

  • 07 Feb 2019

In 2007, whilst working for BSI as a Project Manager, I came across a developing new British Standard, BS 25999 Part 2. It was going to be the next big standard for our Marketing Department to launch and our Certification business to introduce to its clients. I saw an opportunity to bring the diverse worlds of blue sky thinking and tactical operations together and develop a fully formed cohesive management system standard scheme to which organisations could certify to demonstrate to their clients how they would robustly manage a disruptive incident and protect the products and services they delivered to their customers.

The new business continuity management system scheme developed in conjunction with the new standard. I had been accepted onto the BSI Technical Standards Committee responsible for the development of the British Standard and also started my collaboration with the BCI. Both forums were excellent opportunities to develop my personal understanding of business continuity as well as ensure all key stakeholders worked together in this new arena. BS 25999 Part 2, the Requirements Standard, was published in 2007. (Part 1 had been published in 2006 providing guidance on how to implement business continuity arrangements through a management system approach).

Between 2007 and 2009 I was responsible for developing the BCMS certification scheme, training the auditors and obtaining UKAS accreditation for BSI. I also developed my own personal BC competency, achieving CBCI, SBCI, AMBCI and subsequently MBCI status in 2010. I too undertook several BCMS audits, which I continue to do today.

My new, all-encompassing world of business continuity was really interesting, and it wasn’t long before I realised, I wanted to develop my own career as a BC Practitioner. Having put BSI on the BCMS map I felt the time was right for me to seek a new challenge and in 2009 I set up my consultancy practice, Perpetual Solutions. From then on, I was providing support and advice to organisations either looking to become certified or implementing a business continuity programme. One day I would be delivering a BIA Workshop and the next I would be conducting an Internal Audit. There was never a dull moment and all the time I was learning more and more about business continuity and related subjects. In 2012, ISO 22301 was published and formally replaced BS 25999 Part 2. 

Running any business is tough but by joining industry forums, attending conferences and workshops and partnering up with the BCI, various certification bodies and the BSI Technical Standards Committee, I have not only continued to broaden my own knowledge but also been able to give something back both through supporting organisations seeking certification but also providing training and talks to individuals seeking out their own BC paths.

The most rewarding aspect of my work is to see how an organisation grows and becomes more self-aware as it develops its business continuity programme. Greater confidence in its own response capabilities as well as a better chance of surviving a business disruption has to be a win win situation. 

My development is ongoing and whether I am expanding my knowledge base to include Cyber Security or GDPR, the link back to ensuring business continuity and resilience in an organisation is clear. I would advocate a career in this arena to anyone who is keen to understand what makes a business tick and how to ensure that clock never stops ticking. Hugely rewarding and incredibly interesting. 

Happy 25th Birthday BCI! 

More on