Business continuity plan
BIA of 8 critical processes · MTPD (Maximum Tolerable Period of Disruption) quantified · workforce continuity across 6 scenarios · 8-phase activation protocol · quarterly testing schedule. Complementary to the DR plan · operational focus + people-side resilience.
BIA · Business Impact Analysis · 8 critical processes
| Process | MTPD | RTO | Impact | Dependencies |
|---|---|---|---|---|
| WhatsApp inbound processing (webhook → bot response) | 4h | 30min | P0 · clinic conversations broken · immediate patient frustration · direct revenue impact when clients are paying | Cloudflare Worker · OpenAI API · Meta WhatsApp API · Supabase DB |
| Bot response generation (LLM inference + guardrails) | 8h | 1h | P0 · fallback mode with pre-approved templates · degraded but functional experience | OpenAI API + Anthropic fallback · Sentry monitoring · cost-cap breaker |
| Booking integration (Cal.com sync) | 24h | 2h | P1 · manual booking via clinic admin possible · degraded bot UX | Cal.com cloud · webhook QStash · DB persistence |
| Stripe billing + subscription management | 72h | 4h | P2 · billing delayed but transactions auditable · trust impact if visible to the client | Stripe webhook · DB persistence · idempotency keys |
| Admin dashboard (clinic-facing config + metrics) | 24h | 2h | P1 · clinics cannot self-serve · manual support fallback | Cloudflare Pages · Supabase Auth + DB · admin.ts logic |
| Status page + monitoring | 12h | 1h | P1 · transparency degraded · trust impact if concurrent with an incident | UptimeRobot · Sentry · status page static |
| Founder availability (decision-making + ops) | 48h | 12h | P0 if concurrent with an incident · daily ops can continue via automation for 24-48h | Founder + automation cron jobs + Memory MCP knowledge + ChatGPT auditor |
| Legal + compliance response (data subject requests · breach notification) | 24h legal · 72h breach | 4h | P0 if breach · regulatory deadline lapses · potential AEPD fine | Founder + family legal advisor + documented runbook |
MTPD = Maximum Tolerable Period of Disruption before irreversible damage to the business/client. RTO = Recovery Time Objective.
Workforce continuity · 6 scenarios
Activation protocol · 8 phases
- T+0 · TRIGGER: BCP activation on: P0 incident >2h · founder unavailable 24h+ · regulatory action · major vendor outage cascade
- T+15min · ASSESSMENT: Founder (or designated backup) assesses scope · severity · expected duration · communication needs
- T+30min · COMMUNICATION: Status page update · email affected clients directly · Twitter post if externally visible · inform designated trustees
- T+1h · MITIGATION: Execute the relevant runbook for the affected process · prioritize critical processes (P0 first) · degraded modes activated
- T+4h · CHECKPOINT: Re-assess situation · adjust strategy · escalate if MTPD is approaching · communicate update to stakeholders
- T+24h · DECISION POINT: Continue vs wind-down evaluation if founder unavailable · activate succession plan if necessary · proactive client refund/migration
- T+72h · POST-RECOVERY: Full assessment · postmortem mandatory if visible to clients · update BCP based on lessons · communicate resolution to stakeholders
- T+30d · REVIEW: BCP effectiveness review · update procedures · test alternatives if gaps identified · improve communication patterns
Testing schedule · 5 cadences
- Quarterly · BCP tabletop exercise · simulated scenario · response walkthrough with stakeholders · written postmortem
- Semiannual · Communication drill · status page + email + Twitter coordination · vendor notification timing measured
- Annual · Full simulation · worst-case scenario (founder unavailable + vendor outage) · partial activation of succession plan · documented learnings
- Trigger-based · After a real incident · BCP effectiveness reviewed · gaps identified · plan updated · relevant scenario re-tested
- Onboarding · Every new hire (post-traction) · BCP overview + role-specific responsibilities · access verification for trustees
The current BCP depends substantially on the availability of the founder alone. Partial mitigations are documented (automation crons · designated trustees · public runbooks). Full mitigation requires a co-founder/engineering hire, planned post-traction once the first 5-10 clients are paying.
This dependency is publicly transparent · NOT hidden, as with many pre-revenue competitors. Trust comes from honesty about constraints + clear plan for resolution.
Does your procurement need a detailed BCP?
For Enterprise clinics + DSOs · detailed BCP with trustee contact info · escalation matrix · BIA quantified per process · exercise documentation available under Enterprise NDA.