In my experience, organisations that come to me for consultancy often share a similar story. They had a business continuity plan in place, sometimes one they had developed internally, sometimes one built by a previous consultant. Something went wrong, and nobody invoked it. Not because the disruption was trivial, but because nobody felt confident enough in the plan to use it. People muddled through. They made phone calls, worked late, found workarounds, and got on with it. The formal plan, with its carefully documented escalation procedures and recovery time objectives, sat untouched.
This is usually treated as a training problem or an awareness problem. People didn’t know the plan existed. The plan wasn’t tested recently enough. The call tree was out of date. All of which may be true, but I don’t think they explain the real issue. In most cases, the people involved knew perfectly well that a plan existed. They just didn’t reach for it.
"It didn't feel bad enough"
The most common reason plans go unused is the simplest one: people don’t think the situation warrants it. Invocation sounds serious. It sounds like an escalation. And when you are in the middle of something that feels manageable, even if it is getting worse, the instinct is to keep managing it rather than pull what feels like an emergency lever.
This is particularly true for slow‑burn incidents. A cyber attack that starts with a handful of odd helpdesk tickets. A supply chain problem that builds over days. A staffing issue that creeps from inconvenient to critical. There is rarely a single moment where someone can point and say “that is when we should have invoked.” By the time the severity is obvious, people are already deep into their improvised response and switching to a formal structure feels like it would add confusion rather than reduce it.
The result is that invocation, when it happens at all, happens too late. The window where a coordinated response would have made the biggest difference has already closed.
Leaders Lead
There is a subtler issue that rarely gets discussed. Senior managers and directors are recruited, developed, and promoted for their ability to make decisions, manage teams, and take charge of difficult situations. When something goes wrong, their natural instinct is to do exactly that. They gather information, they direct their teams, they make calls. They lead.
What they do not naturally do is open a document and follow a procedure. That feels like the opposite of leadership. It feels passive. And if the plan is written as a rigid, step‑by‑step script — do this, then this, then this — it actively works against the way senior people are wired to respond. They look at it, decide it does not fit the situation in front of them, and put it aside.
This is not a failing on their part. It is a failing of the plan.
What a good Business Continuity Plan looks like
A business continuity plan that actually gets used in anger needs to do three things. It needs to make invocation easy and proportionate, it needs to identify what is genuinely critical without drowning responders in detail, and it needs to support decision‑making rather than try to replace it.
Invocation need not be a binary switch between “business as usual” and “full crisis.” A finely tuned approach recognises that incidents come in different shapes and speeds, and that the response structure needs to flex accordingly. A slow‑burn supply chain issue needs a different level of coordination from a sudden site evacuation, and the invocation process should reflect that.
The response structure itself needs to be clear without being prescriptive. This is why I favour an aide memoire approach over a traditional plan format. A single page of prompts — what do we know, who is affected, what are the priorities, who needs to be told — gives leaders a framework for the decisions they are already instinctively trying to make. It works with their experience rather than against it. It is the difference between handing someone a script and handing them a checklist.
And then there is the most important element of all, which is not the plan itself but the planning. Exercising and training are where the real value sits. Not because they test whether people can follow the document, but because they build the habits, the relationships, and the confidence to respond effectively when something real happens. The team that has practised together, that knows who does what, that has experienced the pressure of making decisions with incomplete information — that team will perform under a real incident whether or not anyone opens the plan.
There is a well-known observation, often attributed to Eisenhower, that ‘plans are worthless but planning is indispensable’. If your plan is gathering dust, the answer is probably not a better plan. It is better planning
