Part 1: RAR - List of Threats v2

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search

Note that the text in italics serves as supporting instructions for participants attending and attempting BCM Institute's Blended Learning assignment

RAR 1-1: List of Threats

Natural and man-made threats can cause disruption to an organisation’s operations or services. Refer to Sample List of Threats for a comprehensive list of the threats compiled based on this region’s geographical threat profiling. Review, amend and select the threats that have an adverse effect on both the country and the organisation.

This list serves as a set of possible threats that could occur to an organization. It is intended to be used by the various disciplines, starting with business continuity, crisis management, crisis communication and disaster recovery.

Remember to use the Guidance Notes in BCMPedia to source for any other threats. Click to view a comprehensive List of Threats.

Business Continuity Management

Analysing And Reviewing The Risks For Business Continuity Planning BUY!

As threats are site-specific, business units located in different locations may incur different threats. If an organisation has business units operating in multiple sites, relevant business units must conduct threats and impact assessment for each site they reside in.


From this list of threats, the Organization BCM Coordinator together with the BC Team (completing this risk/ threat/ crisis scenario assessment templates) is required to identify and extract the likely and high-impact threats that will affect your organization. Sometimes, this list of threats may be re-organized into Four primary scenarios of internal and external threats: Denial of Access, Unavailability of People, Disruption of Supply Chain, and Equipment and IT-related Disruption.

Denial of Access

Denial of Access can be man-made or natural and includes all threats that will result in the denial of access/availability to people, processes, infrastructure, and partners/suppliers. This could range from a flood keeping you from entering the office premises to a power outage disrupting work. Below is the complete list of possible Denial of Access threats:

Part 1: List of Threats
  • Blizzard
  • Clouds
  • Cyclone
  • Drought
  • Duststorm
  • Flood
  • Flash Flood
  • Fog/ Haze
  • Heat Wave
  • Hurricane
  • Lightning
  • Rain
  • Snow
  • Thunder
  • Tornado
  • Tropical storm
  • Typhoon
  • Weather front
  • Water Spout
  • Wind
  • Wind Storm
  • Fire Storm
  • Fire - Wild, Rural or Urban
  • Terrorism
  • Bomb Threat/Explosion
  • Power Outage
  • Earthquake Tremors
BL-B-5 Click to know more

Unavailability of People

  • Labour Dispute/ Strike
  • Infectious Disease/ Pandemic
  • Workplace Safety
  • Workplace Violence
  • Loss of Key Appointment Holders
  • Mishandling of Hazardous Materials
  • Haze

Disruption of Supply Chain

  • Loss of Specialized Vendor/ Partner/ Supplier
  • Regulatory or Legal Violation
  • Default of Key Debtors
  • Accidents (i.e. Aviation, Rail, Maritime, Vehicular)

Equipment and IT-related Disruption

  • IT Failure (i.e. Hardware, Software)
  • Network Failure (i.e. Local and Wide Network)"
  • IT Sabotage
  • Telecommunications Failure (phone line)
  • Facilities and Equipment Failure (i.e. Air-con, Lift, Transformer, HVAC, UPS, Backup Generator)

Instruction to BCM and CM Participant

The section is for participants attending the following facilitated workshop.

  • Module 2 of B-5 or B-3
  • WSQ-BCM-310 and WSQ-BCM-410
  • Module 2 of CM-5 or CM-3
  • WSQ-CM-360 and WSQ-CM-420

This is the additional instruction to complete your Risk Analysis & Review assignment. Remember that you are expected to complete and submit the threats (via the document downloaded) by keeping those threats that have occurred in your country (C) and Organisation (O). 

  • On the same page, you must complete and submit those threats that arise in your organisation but may not have occurred in your country. 
  • Please strike out or delete those in your country who are not in your organisation from the table. 
  • Do not hesitate to add any new threats in the table provided.
Click to know more about expert level training