Planning for Impact, Not Scenarios: Rethinking Business Continuity

Introduction

Traditional business continuity planning often starts with scenarios: fire, flood, cyber-attack, pandemic. Organisations prepare for the threats they believe most likely. But this mindset has a fatal flaw – it assumes we can predict the next disruption. In reality, crises rarely follow the script. The COVID-19 pandemic exposed this weakness: the UK planned for influenza, but faced a coronavirus. The scenario was wrong, but the impacts – closed schools, disrupted workplaces, overwhelmed hospitals – were familiar.

Lesson: Continuity planning should start from impacts, not scenarios. By planning for the consequences, organisations can respond effectively even when the cause is unexpected.

Scenario-Down Planning: The Limits

Scenario-down planning focuses on specific threats and builds detailed responses for those threats. It creates false confidence: “we’ve planned for this” – until the disruption is different. When reality doesn’t match the scenario, gaps appear and resilience falters.

Impact-Up Planning: A Better Approach

Impact-up planning focuses on consequences, not causes. Examples include:

• Schools closed: How do we care for and educate children?
• Workplaces closed: How do people continue to work remotely or safely?
• Hospitals overwhelmed: How do we boost capacity and support staff?

By planning for impacts, organisations build flexible responses that apply across multiple scenarios, ensuring preparedness even for unlikely or unimagined events.

Planning vs. Exercising

Continuity planning should start from impacts. Impacts are predictable: buildings may need evacuation, systems may fail, staff may be displaced, supply chains may be disrupted. These are the consequences that matter, regardless of cause.

Scenarios add nuance when we exercise those plans. They shape the method of response:

• Fire: Alarm triggers immediate evacuation. Priority is speed and clear exits.
• Earthquake: Initial action is shelter under solid structures, then evacuate once the danger of falling objects has lessened.
• Bomb threat: Evacuation may be dynamic, without alarms, with allowance that the threat could be designed to funnel people into danger.

Lesson: Impacts give resilience its foundation. Scenarios give resilience its proof – they test whether plans hold under different conditions and highlight the subtleties of human behaviour, authority, and communication.

The Symbiotic Dimension

Impact-up planning also strengthens the link between organisational resilience and personal resilience. If schools close, employees need support not only as workers but as parents. If workplaces close, continuity depends on both technology and home preparedness. Planning for impacts forces organisations to consider the human dimension – and in turn, employees carry resilience practices into their personal lives.

Conclusion

Scenario-down planning is seductive because it feels concrete. But it is brittle. Impact-up planning is broader, more flexible, and ultimately more resilient. By focusing on consequences – closed schools, disrupted workplaces, overwhelmed hospitals, evacuated buildings – organisations can build responses that apply across scenarios, even those we haven’t imagined.

Scenarios still matter – but as exercises, not as the foundation. They add nuance, test embedded resilience, and ensure plans are realistic. The synthesis is simple: plan on impacts, test on scenarios.

At Tapping Frog, we help organisations shift from scenario-down to impact-up planning, and then stress-test those plans with nuanced scenario exercises. The result is continuity strategies that are not only documented, but proven, resilient, and ready for both the expected and the unexpected.