Part 1: RAR - List of Threats v2

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
BackBCM RAR.png

Note that the text in italics serves as supporting instructions for participants attending and attempting BCM Institute's Blended Learning assignment

RAR 1-1: List of Threats

Natural and man-made threats can cause disruption to an organisation’s operations or services. Refer to Sample List of Threats for a comprehensive list of the threats compiled based on this region’s geographical threat profiling. Review, amend and select the threats that have an adverse effect on both the country and the organisation.

This list serves as a set of possible threats that could occur to an organization. It is intended to be used by the various disciplines, starting with business continuity, crisis management, crisis communication and disaster recovery.

Remember to use the Guidance Notes in BCMPedia to source for any other threats. Click to view a comprehensive List of Threats.

Business Continuity Management

Analysing And Reviewing The Risks For Business Continuity Planning BUY!
BCM Planning Methodology RAR.jpg

As threats are site-specific, business units located in different locations may incur different threats. If an organisation has business units operating in multiple sites, relevant business units must conduct threats and impact assessment for each site they reside in.


From this list of threats, the Organization BCM Coordinator together with the BC Team (completing this risk/ threat/ crisis scenario assessment templates) is required to identify and extract the likely and high-impact threats that will affect your organization. Sometimes, this list of threats may be re-organized into Four primary scenarios of internal and external threats: Denial of Access, Unavailability of People, Disruption of Supply Chain, and Equipment and IT-related Disruption.

Denial of Access

Denial of Access includes all threats that will result in the denial of access/availability to people, processes, infrastructure, and partners/suppliers. This could range from a flood keeping you from entering the office premises to a power outage disrupting work. Below is the full list of possible Denial of Access threats:

Part 1: List of Threats
  • Blizzard
  • Clouds
  • Cyclone
  • Drought
  • Duststorm
  • Flood
  • Flash Flood
  • Fog/ Haze
  • Heat Wave
  • Hurricane
  • Lightning
  • Rain
  • Snow
  • Thunder
  • Tornado
  • Tropical storm
  • Typhoon
  • Weather front
  • Water Spout
  • Wind
  • Wind Storm
  • Fire Storm
  • Fire - Wild, Rural or Urban
  • Terrorism
  • Bomb Threat/Explosion
  • Power Outage
  • Earthquake Tremors

Unavailability of People

  • Labour Dispute/ Strike
  • Infectious Disease/ Pandemic
  • Workplace Safety
  • Workplace Violence
  • Loss of Key Appointment Holders
  • Mishandling of Hazardous Materials
  • Haze

Disruption of Supply Chain

  • Loss of Specialized Vendor/ Partner/ Supplier
  • Regulatory or Legal Violation
  • Default of Key Debtors
  • Accidents (i.e. Aviation, Rail, Maritime, Vehicular)

Equipment and IT-related Disruption

BackBCM RAR.png
  • IT Failure (i.e. Hardware, Software)
  • Network Failure (i.e. Local and Wide Network)"
  • IT Sabotage
  • Telecommunications Failure (phone line)
  • Facilities and Equipment Failure (i.e. Air-con, Lift, Transformer, HVAC, UPS, Backup Generator)

Instruction to BL-B-3/5 M2 Participant

Remember that you are expected to complete and submit the threats (via document downloaded) by keeping those threats that have occurred in your country (C) and Organisation (O). 

  • On the same page, you are to complete and submit those threats that arise in your organisation but may not have occurred in your country. 
  • For those in your country and not in your organisation, please strike out or delete them from the table. 
  • Do not hesitate to add any new threats that are in the table provided.