Hurricane season 2006 is here and it is time to re-evaluate the lessons learned from last year’s destructive hurricanes. Due to the 2005 hurricanes’ size and strength, financial and operational repercussions will impact organizations for the foreseeable future. It is vital to note that the degree of impact, from a corporate perspective, could have been mitigated with appropriate advance planning and preparation.
Preparation is especially critical for small and mid-sized organizations, which account for 50 percent of all private sector workers and nearly 45 percent of the nation’s payroll. Most of these firms understand the importance of being prepared, yet perceived obstacles such as high cost and substantial time commitment often discourage them taking the first step in developing a recovery plan.
For small businesses, employees are the most important asset. However, people-planning often lags behind data and information technology planning when it comes to creating a disaster recovery plan. Most organizations do not have a “call list,” nor do they plan the logistics of getting their employees back to work. In a disaster, carefully planned logistics are the key to remaining in business, retaining consistency and fulfilling promises to your customers.
Small and mid-sized businesses that survived the the 2005 hurricane disasters outlined three areas of critical importance to successfully re-storing their business: maintaining an information technology (IT) plan, a business continuity plan and a crisis management plan.
IT plans vary depending on the size and scope of an organization and its technology infrastructure. Plans may include backing up data through an off-site storage vendor; maintaining redundant servers in multiple locations to protect critical data; maintaining duplicate operations capabilities from a Web-based scenario; and having a plan to restore critical technology infrastructure. While essential, an IT plan alone will only assure the restoration of data and technology. However, these are only a small piece of the puzzle.
A business continuity plan offers an organization an additional level of preparedness. This plan addresses everything from the organizational structure to processes to people. A business continuity plan emphasizes logistics, employee information, call lists, operational rules and procedures, plans for redirecting vendor deliveries (as appropriate), and much more. Maintaining a up-to-date business continuity plan is key to maintaining an efficient and operational organization in times of disaster.
A crisis management plan is the third type of plan that all organizations should both create and maintain. This plan includes employee files (as appropriate), emergency operational procedures and policies, emergency logistics plans, and more. A crisis management plan helps facilitate a smooth transition between normal business operations and catastrophe response. When used in tandem with the IT plan and the business continuity plan, the crisis management plan enables an organization to resume operations in a significantly shorter period of time, while managing employees, assets, customers, vendors, and significantly increasing the chances of achieving long-term business success.
When beginning the processes associated with planning, it is imperative to consider your business’ key assets.
First, you must prioritize your most critical assets; this is usually the staff. Then, you must determine how to manage those assets. The risk to all assets in an organization, regardless of whether they are people, products or technologies, must be assessed from an internal and an external perspective.
How do these assets impact your everyday business operations? In case of an emergency, what is the plan for locating, supporting, relocating, and/or accessing those assets?
After an analysis of assets, critical business operations/functions must be assessed.
What are they and how do they rate on a scale of importance (from most important to least important)? How will you handle having them impeded for a period of time? What are your supply chain preparedness plans? Have remote locations been arranged for suppliers to bring supplies and is there a means to contact them to stop supply flow for a pre-determined amount of time? How can the supply chain be contacted, and who are the contacts in each vendor location? Who will assume the responsibility, in a disaster? Finally, what is your definition of a disaster?
Managing all of the details and challenges of facing a disaster requires a crisis manager and an emergency management plan. This plan should include crisis communications (both internal and external) policies and procedures, an IT management plan, a business operations plan, and more. For each business this plan will differ, although with proper implementation the results will be the same; your business will remain in business.
Emergency preparedness kit
The crisis manager should have an emergency preparedness kit that includes: insurance plans and access; plans for alternate locations; logistics information; database and backup IT access; organizational emergency numbers and contact information for vendors and employees; health insurance contact information; and more.
Most important, the planning process should include a debrief, in essence, a fire drill practice, because an untested plan is as good as no plan at all.
Bob Boyd is president and CEO of Agility Recovery Solutions.
Was this article valuable?
Here are more articles you may enjoy.
As Rates Rise, Majority of Homeowners Say Insurance Industry Is in Crisis: Survey 
Allstate, Nationwide Post Dramatic Q12024 Homeowners Loss Ratio Drops: S&P 
US Judge Skeptical of Biden Overtime Pay Rule 
Three Charged With Helping Agents Cheat on Florida Insurance License Exams From This Issue
