“If you want your business to survive for 100 years, you’ve got to make it through every single day for 100 years. It’s not enough to do it 99.9% of the time.” – Warren Buffet (2010)
Businesses need sophisticated disaster recovery planning
There is no way to predict exactly when a disaster will hit or what it might do. For that reason, many companies ignore the urgency to plan for the unexpected, as they feel like they:
• do not know what to plan for
• have other more pressing issues
• think a disaster will never happen to them
A majority of companies are unprepared when it comes to planning for the unexpected. These organizations should take a lesson from those that were not prepared when a disaster hit (whether it be an illness, flood, fire, office break in, breach of confidential information, brand tarnishing activity, etc.) In almost every case, if there was a time machine, and the disaster was still unavoidable, they all say they wish they would have planned better so they could have been more prepared.
Here are ten things to think about when creating and instituting a disaster recovery plan:
1. Potential threats. What could happen to you or your business? How long might the effects of a disaster carry on?
2. Diversification. Is there a geographic risk? Is there a personnel risk, with responsibilities not being distributed? Is there a systems risk?
3. Assess. How unprepared is the organization? Who needs to be involved to prioritize this initiative versus other business interests?
4. Identified vulnerabilities. Are there immediate areas for improvement? Are there longer-term fixes needed? What insurance is in place? Is more insurance needed?
5. Point people. Who should be involved in creating a plan? Who should exercise the plan if the time ever comes when it is needed? Is there a continuity plan in case the main point of contact is no longer available? What internal resources can be shifted to maintain essential functions? What outside resources are needed?
6. Training. Are those that will be called on during a disaster prepared? Are drills needed? How often is training required? What triggers the plan to go into effect?
7. Stakeholders. Who are those that can be impacted? How will they be helped, if needed?
8. Communications. How will the disaster recovery team be notified? What messages need to get out? Will website communications, emails, letters, phone calls, press releases, social media conversations, etc. be needed for the stakeholders? Is the contact information readily accessible in case of a catastrophe?
9. Technology and equipment. With so much information stored electronically, what can IT do to keep the organization prepared? What back ups and safeguards are needed? What software and hardware is needed? Is any equipment needed? What about existing inventories?
10. Revisions. How often should the disaster recovery plan be reviewed and possibly updated? If a disaster takes place, even if it only impacts another organization, what lessons can be learned to improve the existing plan?
Does your firm have a disaster recovery plan?
If not, or if it needs to be revised, do not procrastinate. Contact Byrnes Consulting for assistance getting prepared before it is too late.
