The study, which questioned 255 Australian chief information officers, chief executive officers and chief financial officers, revealed the local finance and manufacturing sectors are the most prepared to deal with a disaster if it occurs.
Catherin Bennett, Director of IDC User Programmes, told ZDNet Australia a simulation should be set up to test the business continuity systems, and that the testing should be done on a regular basis. Of the companies with a business continuity plan in place, 43 percent update it quarterly or twice a year, while another 40 percent update it annually.
"Part of that testing needs to be testing for people, not just infrastructure and things," said Bennett. She said people needed to be trained to use the business continuity processes, or the system would be ineffectual no matter how good it was.
Most Australian organisations consider the most critical business processes to protect are their financial systems, human resources and payroll functions, according to the IDC report Keeping the Engine of Commerce Running .
If business continuity plans are not in place and tested, the risks to Australian enterprises can include business disruption, corporate liability and loss of shareholder confidence and customer loyalty, the analysts said.
"Don't focus on non-critical activities, focus on critical areas," said Bennett. Companies should determine what level of risk they deem acceptable for each area, according to Bennett. They should also create a business continuity plan across all areas of their business, not just IT systems.