Research Article

(wileyonlinelibrary.com) DOI: 10.1002/qre.1246 Published online 24 August 2011 in Wiley Online Library

A Proactive Operational Framework for

Business Continuity in the Semiconductor
Industry
Chin-Sen Lin,a*† Sunny Kao,b and Long-Sheng Chenc
Prolonged disruption due to a man-made crisis or a natural disaster could result in the loss of vital corporate assets or market
share. To protect the organization and ensure the survival of the business, a comprehensive contingency plan is necessary.
Some unique characteristics of the semiconductor industry are its equipment and its technological and capital-intensive
investments. As with any other industry, the uninterrupted provision of products and services to clients should be considered
the key priority of the semiconductor industry. In this regard, this paper presents a systematic and proactive operational
framework for the semiconductor industry to effectively anticipate, resist, and recover from disasters. The framework is
composed of three phases: emergency response team, crisis management, and business continuity plan. The contents of
these phases are discussed, and related workable procedures and measures are recommended to practitioners to ensure that
organizations can continue to operate in the most adverse situations and thus remain viable and profitable during and after
the crisis. Copyright # 2011 John Wiley & Sons, Ltd.

Keywords: risk management; business continuity plan (BCP); semiconductor industry

1. Introduction
uman-induced failures and the increasing occurrence of natural disasters have caused many organizations to experience a

H complete shutdown of key business operations. No matter how hard a company tries to ensure smooth operations, there is
no guarantee it will have a problem-free system. To ensure continuity of business operations, the company must assess its
potential for impacts, determine its vulnerability to such impacts, and then mitigate potential disruptions. Therefore, a company must
either take preemptive action to reduce the likelihood or severity of failures, or construct a contingency plan for continuity of the
company’s operations.
In recent times, disasters have dramatically highlighted the need for business recovery planning. Modern statistics indicate that if an
organization is prohibited from accessing mission-critical data for more than 48h, it may go out of business within a year1. Interrup-
tions may be posed by insecure external service providers, data links to third parties, software vulnerabilities, and human error2. Tsai
and Chen3 also stated that the formation of disaster risk includes three elements: source of the hazard, damage to objects caused by
the incident, and threat. Indeed, all these factors affect organizations. As such, each organization needs to assess the impact of these
factors to their own organization, as well as the organization’s capability to respond to and recover effectively from the interruptions.
In relation to this, Smith4 suggested that the survival of a business will depend on the existence of a contingency plan and the quality
of advance preparations made.
In most companies, disaster recovery focuses primarily on risks, management information system protection, and planning. Jaatun
et al.5 indicated that incident response is the process of responding to and handling security-related incidents involving information
and communications technology infrastructure and data, focusing mainly on technical issues. However, a comprehensive contin-
gency plan takes all these a step further by designing the means that will allow an organization to remain operational during and
after an event1,6. Moreover, the company must have a comprehensive contingency plan that is fully integrated into the organization
as an embedded management system. The plan should aim to improve the organization’s resilience as well. By identifying in advance
the potential impact of a wide variety of sudden disruptions to the organization’s ability to succeed, the organization is able to prior-
itize the efforts of various other specialists aiming to achieve resilience in their areas of expertise, including security, facilities, and

a
Department of Industrial Engineering and Management, China University of Science and Technology, Nangang, Taipei, Taiwan
b
Total Quality Management, Hermes Systems Inc., Hsinchu, Taiwan
c
Department of Information Management, Chaoyang University of Technology, Taichung, Taiwan
307

*Correspondence to: Chin-Sen Lin, No.245, Sec.3, Academia Road, Nangang District, Taipei City 115, Taiwan.
†
E-mail: cslin@cc.cust.edu.tw

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

information technology (IT). Thus, a contingency plan must be developed for the entire organization—from senior management to
the bottom level—across all sites and throughout the supply chain7.
We take Taiwan as an example. The semiconductor industry is important for the business continuity of the national industry in
Taiwan. In particular, it has played an important role in Taiwan’s economic development in recent years. Therefore, ensuring the
industry’s continuous operation to meet the needs of customers is critical. When faced with unpreventable events, the industry is
interested in searching for a workable pattern that will serve as a reference for its practitioners. In light of this discussion, the impor-
tance of the business continuity is first discussed, and a management structure of comprehensive contingency plan with three phases
for the semiconductor industry is recommended. Next, the detailed workable processes of these phases are outlined. A practice
case of a semiconductor company in Taiwan is then described to show the effectiveness of the contingency plan. Finally, overall
conclusions and suggestion for future work are presented.

2. Background and a model of contingency plan

A comprehensive contingency plan is a strategic measure for ensuring that businesses continue to operate even in the most adverse
situations, thereby remaining viable and profitable in the future8. Many organizations have a contingency plan in place to identify,
respond, and recover from a broad range of potential interruptions. However, business continuity has become more of a business
problem than a technological one. Therefore, it is interesting to regard the contingency plan as a business recovery plan rather than
as an IT recovery plan9. Business continuity is a vital element of the operating fabric, and hence, it is constantly examined10. An orga-
nization must ensure that its contingency planning competence and capability are appropriate to the nature, scale, and complexity of
its business, and that these likewise reflect its individual culture and operating environment7.
Chow11 described a contingency plan as a scheme that can be executed as a method of dealing with business operations when
normal business functions fail, in particular, due to a disaster. The study by Gouldson and Schick9 depicted that the technology
problem can be easily solved in a disaster, and for years, most companies only have to back up their system to solve an IT problem.
When it comes to issues involving management, however, the problem becomes far more complex. Companies have to own
processes and the people to execute the plan, which should be set in place and ready to work anytime. These have to be factored
into the disaster contingency plan or business continuity plan (BCP)2. Specifically, BCPs refer to plans designed to allow a business
to perform its critical business processes during and after a disaster that would have otherwise stopped those processes12. A BCP also
integrates incident evaluation, has primary vendor contacts, includes IT and telecom requirements, contains lists of personnel and
supplies, and includes notification and reporting procedures13. The Business Continuity Institute7 in Great Britain defined business
continuity management as a holistic management process that identifies the potential impact threatening an organization, as well
as provides the framework for building resilience and the capability for an effective response that safeguards the interests of its
key stakeholders, reputation, brand, and value-creating activities.
Although the content of a BCP varies by organization, developing a plan is generally a three-phased process that includes project
development, business impact analysis and risk assessment, and contingency planning/testing/training8,14. Knemeyer et al.15 refer-
enced a conceptual framework for risk analysis that links risk assessment and risk perceptions to develop risk management strategies.
The Federal Financial Institutions Examination Council in the USA advises that a comprehensive BCP be conducted using an important
sequential structure that includes business impact analysis, risk assessment, risk management, and risk monitoring16,17. Moreover,
Wainwright1 recommended three main components of a BCP: duplicate hardware infrastructure, data replication, and instant
application availability. Comprehensiveness and flexibility must be built into the business continuity process18. Furthermore, some
additional recovery teams would include logistics, client relations, human resources, and telecommunications19.
With reference to recent academic literature, several conceptual frameworks have been developed in relation to the BCP5,12,20,21;
however, they scarcely illustrate the operational level in this issue. Thus, focusing on the semiconductor industry, the researchers
conducted a retrospective observational study that integrates case studies and benchmark statistics. Moreover, in an attempt to
follow the “Business Continuity Management Good Practice Guidelines,”7 a comprehensive contingency plan, which is both practical
and workable for practitioners, is also proposed. For the establishment of the plan, the researchers acted as the organization’s
business continuity program consultants. A definitive program of training classes and workshops for members of the emergency
response team (ERT) was suggested, including the development of fire-extinguishing skills, cardiopulmonary resuscitation skills,
telecommunication tool usage, damage appraisal, and so on. With regard to crisis management, different predefined process flows
for various crisis types, such as fire, earthquake, flood, leakage of confidential data, and top manager abduction case, were verified.
Furthermore, for BCPs, different response programs were reviewed and suggested to be included, for example, contact channels
for key members, resource requirement, main and second channels for materials or parts suppliers, machine or equipment required
for business continuity, and manufacturing standard operation procedures. Collectively, in implementing the entire business continu-
ity program, a kick-off meeting was first initiated, followed by a fundamental training program and an advanced training program for
the representatives of all departments and divisions. Afterwards, the risk management senior manager conducted a one-on-one
review of the business continuity program draft issued from each department/division three to four times. The final (or latest) version
of the business continuity program would be posted in the company’s intranet. Consequently, the researchers not only provided
suggestions to the representatives of the organization but also initiated ERT training classes, verified crisis management operating
flow, and reviewed the content of the business continuity program.
The proposed contingency plan is organized into three phases: (i) the ERT phase (ERTP); (ii) the crisis management phase (CMP);
and (iii) the BCP phase (BCPP). Figure 1 shows the recommended structure of this plan. From the bottom of the triangle, the ERTP
308

is actuated by a mechanism when an incident occurs. It deals with the lowest severity of the event, but presents the highest possibility

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

Figure 1. A comprehensive contingency planning structure

of the event ever occurring. In this phase, the ERT members are defined for those who are in charge of emergency handling and
controlling in real time (called the “first moment”). If the ERT members can contain the damage to a controllable scope and avoid
further disaster expansion, ERT members can handle the task until the issue is resolved, and the treatment ends within this phase.
Otherwise, the on-site incident commander of the ERT must report to the president of the company and escalate the issue to the next
phase, which is CMP. When the event or damage enlarges to a corporate crisis, the CMP is initiated, and the ERT members are tasked
to oversee real-time handling, damage appraisal, and information collection, after which the crisis management team (CMT) takes
over until the event is resolved. Usually, within this phase, the severity and the occurrence possibility of the event are in the middle
level. Once the incident increases in severity so as to impact the continuous operation of the organization (top level of the triangle in
Figure 1), the president of the organization must make a decision to initiate BCPP (when and if the president is out of town, the
deputy of the president will be the decision maker, for example, the vice presidents), after which the organization is forced to provide
the usual services to customers within the shortest period possible. Given that the semiconductor industry has unique features, a
detailed description of a comprehensive contingency plan in three phases is illustrated in the sections below.

3. Emergency response team phase

Once an incident occurs, the organization must decide on how it will execute a contingency plan to identify, respond, and recover
from interruptions while ensuring that threats to the company are eliminated. The plan has to ensure that key responsibilities are
taken over in a timely manner and comprise the necessary steps and guidance for appropriate individuals. The ERT is recommended
to ensure speedy and flexible responses in the first instance, and to manage ongoing safety responsibilities in the workplace.

3.1. Establishing the emergency response team

The ERT is the team at the forefront of the recovery management task. The prime objective of the ERT is to minimize casualties in
personnel or damages to properties when an incident occurs, provide first aid, and facilitate evacuation from the site to ensure that
the incident does not escalate into a disaster that will impact heavily on business services and functions.
The members of the ERT, who are organized by designated and assigned personnel, are always the first to arrive at the site of the
incident to prevent the incident from getting out of hand. Designated personnel are those who are in charge of the fields where the
incident occurred with the highest possibility. These are the representatives who come from the factory, maintenance, laboratory, and
environmental safety departments. A certain number of assigned personnel are dispatched by the departments regardless of
the office they come from, whether from manufacturing, customer service, information, or administration. Members of the ERT are
recommended to attend 3days of initial training and an advanced first-aid lesson, after which, they are required to obtain a licensure
certification. They are also required to attend periodic refresher training and monthly meetings to strengthen their capabilities. Table I
defines the roles of ERT members using various terminologies.

3.2. Operating system of the emergency response team

The mission of the ERT includes saving human lives, protecting the site environment, reducing property loss, and supporting quick
recovery. For some serious incidents, the ERT is required to link up with external resources and support units, such as the fire depart-
ment, hospital, police department, and environmental protection bureau. This is done to establish the interaction mechanism, its
capability to deal with the contingency, and commit to the relevant government regulatory requirements. Therefore, the operating
system of the ERT should be constructed in such a way that it can prevent the damage brought about by the potential crisis.
Furthermore, an on-site incident commander should be appointed to coordinate operations in the specified incident. The appoint-
309

ment is not permanent, and it depends on the characteristics of the situation. Generally, the commander comes from among the

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

Table I. Roles in the emergency response team and corresponding responsibilities

Role
Emergency response team (ERT)
Incident commander (IC)
Emergency response plan (ERP)
Emergency response alternative plan (ERAP)
Responsibility
•The team that deals with the incident upon early occurrence, manages the
people on site to prevent them from being injured, and contains the incident.
•The members of the ERT are well trained, as they have professional knowledge
in dealing with the incident, and they are well trained in the operation of
relevant equipment.
•The person who has the capability to contain the incident and to propose an
emergency response plan that will deal with the incident.
•Within the period of dealing with the incident by the ERT, this person
coordinates with relevant people and communicates orders.
•The IC is qualified personnel with ERT training.
• responsibility
The plan proposed by the IC in dealing with the incident, and it includes the
of the ERT, task dispatch of the ERT, and the working plan on
resource utilization. It is the guideline for the ERT operation.
•The plan prevents the breakdown of the ERP, and it can be used to contain
the incident.
•Follow-up
situation.
alternative plans may be proposed depending on the ongoing

ranks of the ERT’s senior members. The incident commander must appoint other team members to control and maintain each core func-
tion, including a chemical handler, guarder, supporter, sweeper, medical person, and recorder. Figure 2 shows the incident treatment
process. It is summarized to identify the major guidelines of rescue activities that can minimize the damages an incident can inflict.
The incident command system involves focused management of a specific incident to allow the experience to evolve toward a
continuous and self-improving mechanism called the incident management system. The long-term objectives and relevant improve-
ment programs of the contingency plan should be established to achieve the goal of the incident management system. These
schemes will then be collected and integrated into the risk management system of the company. The pictorial relationship between
incident command and incident management system is shown in Figure 3.

4. Crisis management phase

A critical step in protecting any organization is identifying the potential risks as comprehensively as possible and establishing plans
for handling them within reasonable operational and economic constraints. By setting the procedures of a systematic management
system, the potential crisis could be evaluated. The evaluation is consolidated to become a recovery action plan. The objectives of this
process are to analyze all alternatives and strategies available that will allow the core business to continue, as well as to mitigate loss
from any of the possible interruptions. Jaatun et al.5 presented an incident response management method with three phases:
prepare, detect and recover, and learn. In this study, we considered a crisis management process that can be executed as a closed
circular loop composed of five consecutive stages: identification, preparation and planning, response and control, recovery, and learn-
ing. The five consecutive stages of crisis management process are shown as a continuous improvement circular loop in Figure 4.

4.1. Identification stage

To discover the potential crisis in its early stage or adopt preventive actions before the crisis occurs, the primary task of crisis manage-
ment is to identify the sources or potential sources of the crisis. Identification is a vital process in this stage; a quantitative comparison
can be applied to prioritize the order of severity and the impact an extended outage could have on the business process, staff, and
other areas within the organization. The multiplication of the possibility of the potential crisis, as well as the magnitude of the
potential crisis, is recommended to determine the value of the quantitative comparison. Based on this, Figure 5 proposes an executive
procedure of crisis identification.

4.2. Preparation and planning stage

When the potential crisis has been identified, its probable impact should be efficiently assessed to reduce the risks involved or resolve
them altogether. To address a problem or prevent it from getting out of hand, a company should not only follow the regular proce-
dure in dealing with it but should also be prepared by adopting a preventive plan. There are several principles recommended in
dealing with a crisis, such as keeping calm, showing a responsible attitude, resolving the problem actively, communicating with
certainty and promptness, making a categorical announcement, reducing personnel casualties, reducing property damage, and
unifying all personnel. These will help reduce damage to the business and minimize confusion and chaos.
The CMT is organized to deal with the contingency in the event of a crisis, and it is the highest executive level in the organization.
310

Table II lists the major roles of the CMT and its responsibilities.

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

Incident
happened

Internal Emergency Notifying line

Security Dept.
Incident emergency Factory Affairs Dept.
notification Environment Safety and Health (ESH) Dept.
Top Executive Officers (CEO or COO)

Getting notification ERT response for emergency call (or pager)

& response from ERT
Confirm the information
Identify the damaged objectives (or personnel)
Incident Control the situation
area control Confine the incident area

Confine the incident situation / event

Situation / Possibility of situation / event expansion
event appraisal Resource requirement analysis/ forecast
Back up or supporting requirement

Define the action targets

Task planning Team members' tasks assignment
and assignment Resource usage
Prepare the alternatives (if necessary)

Implement the tasks assigned by incident commander

Tasks execution Deliver real-time message to interested parties.
Renew task plan by progress reports (if necessary)
Initiate alternative (if necessary)

Execute contamination source control

Decontamination Recover on site’s environment
Dispose contaminated waste

Confirm the end of the emergency situation

ERT back to work place Follow the direction of the incident commander
and return to the work place

Incident commander documents record and report

Documented ESH Manager reviews record and report, delivers
Record and report report to Top Executive Officers.

Figure 2. Incident handling process

4.3. Response and control stage

As the preparation process concludes, all findings can be transposed into the appropriate recovery procedure templates in order to
respond to and control the crisis. The appropriate time to deal with the crisis is within 24h after the occurrence of the incident. Crisis
stakeholders should also be appropriately informed with relevant crisis information at this stage. The crisis stakeholders include the

Incident Command System Incident Management System

(for executing) (for directing)
Executed by incident commander Provide hazardous analysis and risk
Management steps: appraisal assessment
categorization organization Executed by top executive officer
mobilization cooperation VS.
VS. [e.g., CEO / COO (Chief Operational
record Officer)]
Decision making by real situation Provide overall direction for events
Incidents categorization Specify the strategies
Incidents review and examination Reconfirm the real situations

Incident Incident …. Incident

Command Command Command
System System System
(for A event) (for B event) (for N event)
Risk
Incident Management System Management
(Accumulated experience by workshop or real practice) System
311

Figure 3. The relationship between the incident command system and the incident management system

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

Figure 4. The five consecutive stages of the crisis management process

employees, customers, suppliers, company shareowners, mass media, labor union, semiconductor association, environmental protec-
tion group, consumer protection group, and other relevant groups.

4.4. Recovery stage

The recovery stage should be based on the disaster recovery plan (DRP) so that the minimum resources required to ensure core busi-
ness requirements are fulfilled and employed. The DRP includes short-term and long-term recovery plans. The short-term recovery

Steps in Identification Stage Consideration Points in Crisis Identification

Inherent characteristics of your industry and the types of

products
Identification Possibility of personnel mis-operation
Requirements within governmental regulations,
of potential crisis semiconductor industry standard, and ESH
Possibility of natural disaster
Company’s current operation scale, style, and manner
Auto-monitoring system level of facilities and
maintenance level
Product liability for customer safety
Commitment for quality assurance and service level
Usage and treatment ability for hazardous and
poisonous material
Contingency capability of suppliers

Determine the crisis occurrence by type (fire, earthquake

Determine the possibility
of crisis occurrence by
category
explosion, etc.)
Evaluate the occurring conditions of potential crisis
Evaluate the occurring possibility of potential crisis
Determine the causes of crises belonging to controllable
and uncontrollable factors

Impact on surrounding environment

Determine the Impact on employees’ safety
impact severity if Impact on company’s reputation
crises happens Impact on company’s assets

Evaluate self-defensive capability if crisis event

happens
Evaluate influence and impact on company’s
Screen out operation
Company-owned resources condition
negligible Readiness and completeness of the current
crisis events management system
The company’s culture that employee can be
empowered to quickly respond to the crisis

List all the crisis events that need to be confronted

Need to face
Simulate the crisis event progress if it did happen
the crisis events
Provide the actions or processes on how to
handle the crisis
312

Figure 5. Crisis identification procedure

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

Table II. Major roles in the crisis management team and corresponding responsibilities
Roles Responsibility
President •Convenes the crisis management team
•Reports to the headquarters of the company
•Assesses and decides the level of crisis announcement
•Settles the emergency
Presents the news conference
•Explains the situation todecision
•Represents the companyrelevant government agencies
Spokesperson •Assesses the impact level of the crisis the situation
and announces
•Coordinates with the heads of divisions to provide information and opinion
•Communicates with the public media
•Implements first-aid operations
Head of the operation division •Contacts the police station, fire department, and security office
•Spearheads rebuilding tasks
•Evaluates the financial losses incurred
Head of the financial division •Provides the necessary information
•Determines the amount of compensation
•Announces the suspension and resumption of company operations
Head of the human resource division •Gathers the opinion of employees after the crisis
•Contacts and extends help to the disabled persons or bereaved families
•Leads the after-crisis mental healing of the employees
•Spearheads the employee conference
•Prepares information to be disseminated to public media
Head of the public relationship division •Arranges the meeting with public media
•Responds to and records the inquiries of public media
•Analyzes the reports from the media after the crisis
•Analyzes the incurred legal problems from the crisis
Legal consultant •Assesses the legal impact of the crisis
•Resolves the legal or compensation problems
•Assists in the process of negotiations
•

plan refers to the initial recovery steps so that the required products or services can initially be provided. However, at this point, the
service quality would be lower than the original one; still, it is at a level where the customers could accept the products or services.
The long-term recovery plan, on the other hand, refers to the stage where the original state of services and products are recovered.
Relevant tasks in this stage are as follows:

• office/factory
To proceed with disaster recovery steps which include building repair, damaged hardware/equipment repair or replacement, and
rebuilding
• ToTo provide the core products or services to the main customers
• To communicate with customers and explain the cause of the crisis and the process/result of the corrective actions taken
• To adjust the content ofworking
set up a substitute place or substitute operators in order to restart original operating tasks
• To reassign employees in the disaster forareaitems
the operation that are easily affected or damaged and the equipment, which is easily damaged
• To provide loans to employees affected by tothenew operating tasks
• To provide psychotherapy to affected employeesdisaster
•
4.5. Learning stage
The primary task of the CMT is to learn from the experience and prevent the organization from having to develop new procedures
every time. Hence, procedural review provides for the continued updating of the contingency treatment procedures. This will ensure
that the team has considered the situation appropriately and has responded to all changes in the job sites. In addition, this is a
guarantee that it has familiarized relevant personnel with the crisis recovery process and could thus provide services to customers
despite the crisis.
Furthermore, because the crisis recovery plan implies the use of various business processes and working methods, the manage-
ment should understand and support such changes and alter its business expectations as needed. The review and approval of the
crisis recovery plan by the management will also help reinforce plan integration. A customer site safety postdisaster assessment
313

survey should also be developed and integrated in the company’s ISO documents, which include ISO 9001 (Quality Management

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

System), ISO 14001 (Environmental Management System), and OHSAS 18001 (Safety Management System). The facility system post-
disaster safety checklist would also be very helpful and should thus be drafted to ensure capable handling of the incident.

5. Business continuity plan phase

A BCP is a scheme that can be executed as a method of dealing with business operations when confronting an escalated incident.
Compared with the task of the ERT, the BCP is started in conjunction with a broad crisis management process when the extended
outage arising from the incident becomes unmanageable or cannot be controlled by the ERT in the first occurrence. Once an orga-
nization function has started to execute its BCP, the plan must take place immediately so that the operational function of the orga-
nization can continue and its normal environment restored.
There are three levels of documentation in the BCP. The highest level is the BCP manual, which includes the responsibility of the
business management team (BMT), operation procedure of the BMT, disaster evaluation report/process, communication with the
public media, DRP, situation simulation, and testing/auditing. The middle level is the functional BCP, which includes the responsibil-
ities of the tactical team (TT), the organizational chart of various functional departments, the operation flow chart of the functional TT,
and the action plan explained by functions. The lowest level is the tables and forms, which provide the list of names and telephone
numbers of the TT, the list of hardware used in executing the action plans, a blank sheet for disaster evaluation, the list and contact
details of major suppliers, and the list and contact details of major customers. Once the BCP document is developed, the BCP
procedures need to be tested and maintained on an ongoing basis. Related definitions of the BCP content are illustrated in Table III.
An important consideration is the adherence to the implementation process. Figure 6 shows the procedures for initiating the
BCP process.
Once the BCP has been initiated, the executive task force of the action plans is the TT. A TT leader is assigned to lead the specified
task. A plan executive is also assigned to coordinate the various tasks. All possible contact information of the team members is listed
in the action plans, and the procedures are detailed in easily understandable flow charts. Moreover, the relevant personnel of the BCP
are trained and recognized to be capable of dealing with disasters.

6. A practical example for implementation

ABC (name is assumed) company is a professional semiconductor manufacturing company located in the Hsinchu Science-based
Industrial Park in Taiwan. Its major business is to provide related turnkey services for the semiconductor industry. The main
characteristics of the company are labor-intensive and capital-intensive investment and technology-oriented services. Strong demand
in the global electronics market has fuelled the rapid growth of this company, with the number of its plants almost doubling in the
past 10years. At the same time, its number of employees doubled.

Table III. Definitions in business continuity plan content

Major term Definition/Illustration

Business continuity plan

(BCP)
•After the incident occurs, the prepared action plans can retain the company’s operations and
maintain a certain service level for customers.
BCP program manager •Responds to the incident and implements detailed action, updates the contents of the BCP
•The team is functions
Initiates the of the BCP when the incident occurs
Business management
team (BMT)
• department, environmentof the
composed heads of departments (e.g., factory task department, security
and safety department, human resource department, legal
department), which have varying levels of influence, and it aims to efficiently achieve the goal
of the BCP.
BMT leader • Responds to the establishment of the BMT and, if necessary, establishes a crisis treatment center
and announces the start of the BCP phase
BMT member • Members are managers who can influence decisions on company operations
• During the period of executing the BCP, the BMT members are directed by the BMT Leader.
Emergency operation
center (EOC)
• Established to deal with the incident’s minor impacts and to prevent the expansion of the
affected area
• Collects information within the incident area
• The members of the EOC are mainly organized by ERT members.
Crisis management center • A temporary management center for coordination work on the crisis
(CMC) • The members of the CMC are mainly organized by BMT members.
Tactical team • The task force of the BMT that works on the resolution of the crisis
Disaster recovery plan • The action plans of the company to restore normal operations, with the main task being
314

hardware rebuilding in the company

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

Incident happened

ERT responds and arrives on site

Event's impact No
ERT handles the incident
becomes a crisis

Yes

Form a Crisis Management ERT records the incident and

Center (CMC) task completed with a written report

Crisis will impact No

company's continuous Form a Crisis Management Team
operation (CMT) & tasks assignment
Yes

Form a Business Management CMT records the crisis and

Team (BMT) from different task completed with written report
function officers

Assign the Tactical Team

leader (TTL)

BMT’s mission explanation &

tasks assignment

TTL evaluates the loss of

damage from crisis

TTL responds to the evaluation

result to BMT

TTL initiates to execute the

tasks of BCP

Figure 6. The initiation procedure of a business continuity plan

An ERT has been established by ABC company, with the ERT members coming from permanent employee representatives, on-site
vendor employees coming from process gas providers, and ABC’s safety guards. Thereafter, ABC company founded a CMT and devel-
oped a crisis management manual as guidelines to confront different crisis types, handling process, and emergency contact execu-
tives. A BCP was also established for handling serious crises that will impact business normal key operational functions, including
production and manufacturing, order handling platform, IT server and back-up system, laboratory, semiconductor tool training center,
and human resource information system. The hierarchy relationship of these three teams (ERT, CMT, and BCP) is shown in Figure 1.
On September 21, 1999, an earthquake with a magnitude of 7.3 occurred at 23.85 N latitude and 120.78 E longitude. The devasta-
tion brought about by the earthquake included official estimates of 2161 deaths, 8736 injuries, and approximately 150 people listed
as missing. There were over 60km of surface faulting and substantial lateral displacements up to 9m. Vertical displacements were
large. The location of company ABC was very near the central part of Taiwan, which was impacted with a fifth grade earthquake.
As a response, company ABC activated its contingency plan to deal with this disaster.
According to the response procedure when an incident occurs, the ERT arrived at the site of the calamity to begin rescue opera-
tions 3min after the earthquake. The crisis evaluation report was accomplished within 43min, and after 151min, the advanced crisis
evaluation report was submitted to the company headquarters located in the USA. The physical damage of the facility was analyzed at
19:00h on September 21. All information systems (telephone, e-mail, Internet, and application software) were reinstalled on Septem-
ber 23, after the electric supply was reconnected. The ERT operating process is shown in Figure 7. At that time, the quake damage to
company ABC’s facility, normal operations, and customers was serious and identified to impact the continuous operation of the orga-
nization. Thus, company ABC decided to activate BCPP from ERTP, skipping CMP. Thus, from ERT’s arrival at the site of calamity, the
company proceeded with the recovery of damage by the general facility department, processing the safety assessment by the envir-
onmental and hygiene department, activating BCPP and establishing crisis management center by the security department, and
announcing the accomplishment of damage recovery by the president of the company. Consequently, all normal operations were
recovered. The detailed recovery memorandum for the earthquake is recorded in Figure 8.
ABC company is one of the largest global semiconductor turnkey companies; therefore, its speed in reestablishing services for its
customers is very important. At just 151min after the earthquake occurred, ABC company headquarters in the USA received the crisis
evaluation report from the branch company in Taiwan. At 10:00h of September 21, the required capacities of the main customers
315

were evaluated and focused on for recovery. After 13:30h, the evaluation report on customer damage had been completed, and

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

ESH & ERT Laboratory

Guard Security General Facility
Member *1 Facility

(9/21) 01:47 Earthquake occurred

(9/21) 01:50 Guard notified building maintenance people & called out for ERT

01:50
(9/21) Power outage: city telephone and pager communication system down
−

01:55

Security Manager (IC)

(9/21) 01:55 called AMT EOC

ESH & ERT verified

(9/21) 02:00 with no chemical
damage & no fire

(9/21) 02:30 Verified T/C building with no damage

Reported status, made

(9/21) 03:02 recommendations
to BMT Leader

(9/21) 03:45 Inspected ISSI site & verified damage status

(9/21) 04:12 Controlled all the T/C & ISSI situation & damage status

(9/21) 04:18 First report to

Headquarter via phone

(9/21) 05:20 Verified Tainan site

with no damage

07:00
(9/21) Re-inspected ISSI building site for detail damage assessment
−

08:40

07:40
(9/21) Recorded ISSI building detail damages
−

08:50

(9/21) 09:00 ERT mission completed

General facility & laboratory facility

(9/21) 09:00 taken over for recovery

Figure 7. The contingency response of the emergency response team for the “first moment” in the earthquake that has occurred

emergent demands for the necessary components for customers in Taiwan were submitted to the headquarters for the necessary
support. At 20:00h of September 23, the headquarters announced the key priorities that global branch companies should support
in relation to the recovery of the Taiwan branch. In the meantime, ABC company organized an emergency recovery team that
included 230 technical engineers to assist customers in recovering the normal functions of their facilities. Figure 9 (a, b, c) highlights
the process of assisting customers to recover their facilities, which included 1473 wafer machineries. At 18:00h of September 26, the
headquarters sent a safety assessment team to Taiwan, which included 18 engineering specialists, and a 4-day safety assessment pro-
cedure was executed. Recovery tasks were completed at 17:30h of October 4. The overall customer site production machine recovery
rate, with time progress after the initiation of BCPP by ABC company, is shown in Figure 10.
Since the initiation of the BCPP was announced in the disaster recovery process, the six BCP meetings and two BMT meetings were
the most critical and important activities. The key discussion issues of the BCP meetings were to control the on-site situations, decide
on the implementing plans, assign tasks, and check the results of the operations. The main points of the BMT meetings were to gather
together all the information (which appeared to be from the bottom up, based on the updates of the BCP meetings) and allocate
resources (which appeared to emanate from the top down to the assignment of operation in the BCP meetings). Therefore, the opera-
tions of the BCP and BMT meetings were closely related.
Collectively, in this case, in response to the earthquake disaster, there were several key successful factors utilized to assist custo-
mers, which are summarized as follows:

• the
There were on-call customer service engineers dispatched for each customer, and whenever there was any necessary requisition,
316

responding personnel would be placed on-call.

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

9/21 9/22 9/23 9/24

midnight midnight midnight midnight

(1)
(3) (26)
(2) (27) (37)
(5) (18&19) (36)
(4) (25) (28)
(6) (7) (17) (20)
(16) (29)
(9) (24) (35)
(8) (15) (30) (34)
(11) (23) (31)
(10) (14) (21) (32) (33)
(12) (13) (22)

9/21 9/22 9/23

noon noon noon

(1) Chi Chi earthquake occurred, electric power shutoff (9/21 01:47 AM)
(2) Guard notified building maintenance people San-Fu & ERT (9/21 01:50 AM)
(3) Security manager called the local CEO (9/21 01:55 AM)
(4) Inspected the local main building site (9/21 02:30 AM)
(5) Reported initial status & recommendation to BMT leader (9/21 03:02 AM)
(6) Inspected other building sites (9/21 03:45 AM)
(7) Made a first report to Global Headquarters via phone (9/21 04:18 AM)
(8) Guard verified Tainan site had no damage (9/21 05:20AM)
(9) Re-inspected building sites (9/21 07:00 AM)
(10) Local Operation VP/ BMT leader reported the initial damage to the Taiwan (28) Recorded “Conditional On Duty” message for employees (9/23 06:00 AM)
President (9/21 07:50)
(11) BMT determined 9/21 was not a working date (9/21 08:20 AM)
(12) The 1st BCP meeting (9/21 10:00 AM)
(13) Re-inspected all buildings’ damage (9/21 11:00 AM)
(14) ESH arrived at Nankan Office Site to verify no damage (9/21 14:30 PM)
(15) Set up Temporary Spares Operation headquarters at main building, 1F
(9/21 15:00PM)
(16) Wrote first damage report to Headquarter (9/21 18:47 PM)
(17) Fixed ISSI building’s damage (9/21 19:00 PM)
(18) Continued monitoring of earthquake damage (9/21 19:00 PM - 9/22 10:00 AM)
(19) Continued guarding company properties (9/21 19:00 PM - 9/22 10:00 AM)
(20) The 1st BMT meeting (9/22 10:00 AM)
(21) The 3rd BCP meeting (9/22 11:30 AM)
(22) TTL prepared the check-up list (9/22 14:00 PM)
(23) Established temporary work stations (9/22 16:00 PM)
(24) The 4th BCP meeting (9/22 17:00 PM)
(25) BMT Leader reported to Headquarters management (9/22 19:54 PM)
(26) T/C building power backed on (9/23 01:56 AM)
(27) ISSI building power backed on (9/23 05:00 AM)
(29) Employees started checking “Conditional On Duty” message (9/23 06:30 AM)
(30) The 5th BCP meeting (9/23 09:00 AM)
(31) The 2nd BMT meeting (9/23 10:00 AM)
(32) Inspected Consilium site(9/23 12:30 PM)
(33) The 6th BCP meeting to announce BCP mission accomplishment (verbal) (9/23 17:00PM)
(34) BMT Leader announced BCP mission accomplishment (E-Mail) (9/23 19:57 PM)
(35) BCP recommended moving out of the Consilium building (9/23 19:02 PM)
(36) Taiwan President expressed appreciation (E-Mail) (9/23 19:57 PM)
(37) BCP Program Manager issued formal report to BMT (9/24 02:30 AM)

Figure 8. The recovery memorandum for the 9/21 earthquake

• notification
After the occurrence of the disaster, customers were notified by the on-duty engineers; the customers were appeased with this
and adopted the corresponding measures.
• customers
Both on-site operation and service managers were sent to the customers at the first instance of the disaster and assisted the
in evaluating the damage to machinery, realize the request of demands, and establish the recovery plans together
with the customers.
• Although detailed information on damage in the machinery of the customers was difficult to assess immediately, the profes-
sional judgment of the engineers allowed for the needed parts for repair to be estimated and the orders of parts directly sent
to headquarters (located in USA) in advance.
• There were 230 engineers organized into a team to assist the recovery of machinery for customers within 2days. The team was
also assigned to work on the first priority mission, which was to support the recovery works for customers.

7. Conclusion
A business contingency plan is highly dependent on industrial characteristics such as type (chemical, semiconductor, machining,
banking circles, hotel, information provider, and others), organization structure, company location, business operation style, internal
business processes, and supply chain. Based on these characteristics, the planning process presented in this paper has clearly shown
the path taken in the event of a problem escalating into a disaster, or an event that necessitates the declaration of a disaster status.
Business continuity should be integrated into the design of the infrastructure to prevent a localized event from disrupting the entire
organization’s processes. Moreover, the organization should work out its own contingency plan to produce a detailed output. In rela-
tion to this, we indicate seven points of failure planning for reference to practitioners:
1. A practical and feasible BCP should be tailor-made to fit the business style and internal organization, as well as the operation
process. There is no one-size-fits-all solution for the BCP. The impact of a fire to a chemical plant is quite different from the
impact of the same to a hotel. In most cases, “copying exactly” other companies’ BCP is not feasible, even if they come from
the same industry.
2. Deficiencies in the tests. Organizations that spend time, effort, and expense to construct BCPs but do not test them are not
managing their investments wisely.
3. The BCP system should coincide with crisis management and the ERT system. Thus, a high-frequency event with low business
impact should be handled by the ERT while a low-frequency event with high business impact should initiate the BCP, which is
317

the correct move as shown in Figure 1.

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

(a)
Account Team Customer Support
General Manager Site Operation Sales Service Team Service

(9/21) 01:47 Earthquake occurred

(9/21) 01:56 Contact customer for situation

(9/21) 02:00 On-call CE responded

(9/21) 02:13 Customer site damage forecast & communicate with one another

On-call CE arrived
(9/21) 02:30
at customer sites

(9/21) 02:30 - 08:30 1. Customer site without power 2. Fab access control for safety concerns
3. Nothing can be done, just stand-by

(9/21) 08:30 Meeting to discuss customer sites damage & task assignment

Arrived at customer sites for detail damage,

(9/21) 08:55 - 10:00 service requirement, & Customer
Recovery Plan

(9/21) 10:00 - 11:30 BMT meeting at President’s

office

A B

(b)
Account Team Customer Support
General Manager Site Operation Sales Service Team Service

A B

(9/21) 11:30 BCP

(9/21) 12:00−12:30 Team II Meeting for Customer Site Detail Recovery

(9/21) 12:30−13:30
Customer Damage Report Response & CE and Parts Requirement List
APSE Manpower Assignment for Customer Recovery

(9/21) 16:00 Tai-Power confirmed that no power would

be provided today

Assign One CE stand-by

(9/21) 17:30−21:00 on customer site

(9/22) 09:00−09:30 Customer sites situation updated & summarized

(9/22) 10:00−11:30 Contact Customer’s Top Manager for Contact Customer’s staff &
requirements & expectations engineer for Fab. & system
recovery requirement

(9/22) 11:30−12:00 Forwarded customer’s

requirements

Figure 9. (a). The process to assist customers to recover their wafer machineries. (b). The process to assist customers to recover their wafer machineries. (c). The process to
assist customers to recover their wafer machineries

4. It is necessary to adequately maintain the BCP content in response to the changes coming from the business, product style,
service style, organization, and internal processes. Otherwise, the BCP program will become a dead document in the archives
in the long term.
5. Consistent support from top management is indispensable. This management philosophy is the same as implementing ISO
9001 for quality management, ISO 14001 for environmental management, OHSA 18001 for safety management, and ISO
27001 for information security, among others.
6. To clearly define roles and responsibilities in the ERT, crisis management, and the BCP is mandatory. A workshop or rehearsal is
318

also indispensable for an enterprise-wide accountability and coordination consideration.

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
C.-S. LIN, S. KAO AND L.-S. CHEN

(c)
Account Team Customer Support
Site Operation Sales Service Team
General Manager Service

(9/22) 12:00 Assign CE to stand-by

C
on customer site
(9/22) 12:00 Verify Spares Orders
& Delivery Status

(9/22) 12:00 - 24:00 Tai-Power still without power

(9/23) 02:00 - 05:00 T/C Building recovers power at 02:00 & ISSI Building recovers power at 05:00

(9/23) 09:00 HSIP recovers 20% Power

(9/23) 09:00 - 09:30 Customer site situation updated

& summarized Set-up Temporary
Spares Operation
(9/23) 10:00 Center at T/C 1F

Provide Team II CE entered Customer Instruction from Office

(9/23) 12:00 Emergency Response Site for System damage of President to provide
Plan to Customer evaluation spares to Taiwan
with 1st priority
BCP Meeting BMT’s leader
(9/23) 17:00 CE issued customer site
announces Taiwan office is back
to normal operations damage report
(9/26) 15:20
Cancel unrequited parts and ship back redundant parts
(9/26) 18:00 Global Headquarters Safety Assessment Team (17 members) came to Taiwan
(9/29) 18:10 Initiated Safety Assessment Overall Report

(9/29) 19:20 Continue Customer Fab Machine Recovery

(10/04) 17:30 All Customers’ Machines Recovered

Figure 9. (Continued)

120 • ABC Company formed

taskforce team with 230
ABC Support Customer Recover Production Machine (%)

engineers to support Machine Recovery Target 100%

semiconductor customers in
recovering production
100 machine at Fab. 100
98.1 98.3 98.3 99 100%
97.6
Tai-Power recover power supply (%)

91.2 94.1 95.8

84.4
80 80%
• Tai-Power began
to provide •Checked 74.6
electrical power facility and
production ABC Company (USA)
60 on 9/23, 2 days
machines assigned semiconductor
later after quake.
machine recovery team
with 25 members
coming from worldwide
40 40 41.8 to Taiwan.
ABC Company (USA) sent
safety assessment team
with 18 members to Taiwan.

20 20

0
0
Day 1 Day 3 Day 5 Day 7 Day 9 Day 11 Day 13 Day 15 Day 17
(9/21) (9/23) (9/25) (9/27) (9/29) (10/1) (10/2) (10/3) (10/4)

Figure 10. Customer Fab production machine recovery after the 9/21 earthquake

7. The establishment of an overall system with the progress of ERT (first), CMT (later), and the BCP (last) is recommended because
the ERT can handle low-frequency issues with low impact. In addition, the ERT is a low resource–consuming process. Above all, it
is the foundation of the crisis management or the BCP. Establishing the BCP entails more resources, and initiating it to deal with
low-frequency issues is impractical.
The future of an organization depends on its preparedness and the availability of critical resources during times of disasters. These
319

ensure that threats to the company are clearly identified and managed well. This practice can provide practitioners with a model to

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320
 C.-S. LIN, S. KAO AND L.-S. CHEN

implement a contingency plan in an operation environment. This model is demonstrated through a practical example illustrated in
this paper, and the results are both functional and valuable.

References
1. Wainwright VL. Business continuity by design. Health Management Technology 2007 March.; 28(3):20–21.
2. Vijayan J. Business continuity plans embrace networks, people. Computerworld 2002 May; 36(21):12.
3. Tsai CH, Chen CW. An earthquake disaster management mechanism based on risk assessment information for the tourism industry- a case study
from the island of Taiwan. Tourism Management, 2010 August; 31(4):470–481.
4. Smith B. Managing a Flu Pandemic: From the business continuity planning perspective. Accountancy Ireland 2007 Apr.; 39(2):50.
5. Jaatun MG., Albrechtsen E, Line MB, Tondel IA, Longva OH. A framework for incident response management in the petroleum industry. International
Journal of Critical Infrastructure Protection 2009; 2:26–37.
6. Leopoulos VN, Kirytopoulos KA, Malandrakis C. Risk management for SMEs: Tools to use and how. Production Planning & Control 2006 April;
17(3):322–332.
7. Business Continuity Institute. Business continuity management Good Practice Guidelines 2008. British.
8. Henry A. Preparing for the unknown: developing a business continuity plan. Rural Telecommunications 2006 Nov/Dec.; 25(6):14–20.
9. Gouldson T, Schick S. The plan to master disaster. Computing Canada 2002 January; 28(2):12–13.
10. Anonymous. Business continuity plan stems the flood. Credit Management 2007, August; 14.
11. Chow WM. Y2K contingency planning. Production Planning & Control 1999; 10(8):787–795.
12. Goldberg EM. Sustainable utility business continuity planning: a primer, an overview and a proven culture-based approach. The Electricity Journal
2008; 21(10):67–74.
13. Bielski L. Business continuity planning must step up. ABA (American Bankers Association) Banking Journal 2003 Nov.; 95(11):52–54.
14. Sundararaj G, Aravindan P, Devadasan SR, Muthu S Risk prevention and management in blast furnace operation through mock drill exercise.
Production Planning & Control 2000; 11(2):197–206.
15. Knemeyer AM, Zinn W, Eroglu C. Proactive planning for catastrophic events in supply chains. Journal of Operations Management 2009; 27:141–153.
16. Strohl E. Four essential components of a well-established business continuity plan. Community Banker 2007 June; 8.
17. Miller KC. How to meet FFIEC minimum requirements for business continuity planning. Hoosier Banker 2004 Jan.; 88(1):36–37.
18. Karakasidis K. A project planning process for business continuity. Industrial Management & Data Systems 1997; 97(8):320–326.
19. Anonymous. How to ensure the continuity of your business. Windows 95 Professional 1998, Oct; 3(10):1–4.
20. Howell D, Windahl C, Seidel R. A project contingency framework based on uncertainty and its consequences. International Journal of Project
Management 2010; 28(3):256–264.
21. Woods M. A contingency theory perspective on the risk management control system within Birmingham City Council. Management Accounting
Research 2009; 20:69–81.

Authors’ biographies
Chin-Sen Lin is an Assistant Professor in the Department of Industrial Engineering and Management, China University of Science and
Technology, Taipei, Taiwan. He received his Ph.D. in Industrial Engineering and Management from National Chiao Tung University,
Hsinchu, Taiwan. His previous career in practical fields includes a senior specialist at International Cooperation and Development Fund
and a project manager at Cooperate Synergy Development Center, Taiwan. His teaching and research interests include quality man-
agement, operation management, and supply chain management.

Sunny Kao is the director of the Total Quality Management Department at Hermes Epitek Taiwan. He has earned 14 years of quality
management experience in the semiconductor equipment industry working for global companies. In the past 20 years, his major
working fields have been industrial engineering, quality engineering, business process management, ISO 9001 quality management
system, crisis management, and design quality assurance. He received his MS degree in Management Science from National Chiao
Tung University, Taiwan, in 1986. He received his 11th Best Practice of Quality Management Award, granted by the Industrial Devel-
opment Bureau of Taiwan, in 2000.

Long-Sheng Chen is an Assistant Professor at the Department of Information Management, Chaoyang University of Technology,
Taiwan. He received his Ph.D. in Industrial Engineering and Management from National Chiao Tung University, Taiwan, in 2006 and
his BS and MS degrees both in Industrial Management from National Cheng Kung University, Tainan, Taiwan, in 1998 and 2000,
respectively. His teaching and research interests include quality management, data mining, blog mining, class imbalance problems,
and neural networks applications.
320

Copyright # 2011 John Wiley & Sons, Ltd. Qual. Reliab. Engng. Int. 2012, 28 307–320