How do you
know when it’s a disaster? When critical
services aren’t happening! Emergency Preparedness, Disaster Planning or
Business Continuity. The goals are ultimately the same: to get an organization back up and running in
the event of an interruption. Emergency planning are those procedures and steps
done immediately after an interruption to business. Disaster recoveries are the
steps taken to restore some functions so that some level of services can be
offered. Business continuity is
restoration planning, completing the full circle to get your organization back
to where it was before an interruption.
Part of
writing a business continuity plan is to think ahead to the possibilities of
what can go wrong and then to make contingency plans. However, you can’t possibly plan for every
scenario; it would take all of one’s time and the plan would never get
done. The goal is not to create a
separate plan that addresses every risk, but to create one plan that addresses
all risks. In other words, you don’t
create one plan for a flood, one for a blackout, one for a blizzard and one for
a hurricane. You just need one plan that
addresses all possibly known scenarios, including the potential physical security weaknesses of a facility. Keep in
mind that during a disaster or an interruption, you can’t count on being able
to drive in, walk in, dial in, or log in.
A disaster
recovery plan is a users’ guide; the documentation for how to preserve an
organization so that it can continue to offer its services. In order for a plan to be useful, it must be
created before an interruption occurs or a fire alarm beeps.
Business
continuity is disaster recovery. Revenue
lost during a disaster is a driving force in business continuity. The reason to do a business continuity plan
is essentially to keep the cash flow coming in and the services going, as well
as the clients being served.
The most
difficult thing is getting started. The second most difficult task is keeping
the plan current. Assign a team to help
create the plan. Enlist the assistance
of various departments to provide needed checks and balances of the different
organizations. It’s a good idea to assign one team to complete the technical
portion, and have a completely different team to complete the personnel
portion.
It is
imperative to appoint key personnel to have the authority to make short-term
emergency decisions. Consider having a “military style” chain of command. Make certain you know who you want to be
that #2 person if your #1 person isn’t present or can’t be reached. These people should have extensive knowledge
and experience with emergency and life threatening situations; considering many
lives may depend on them during a crisis situation. Please keep in mind that your organization
will change in time. Employees come and
go. Programs outlive their usefulness.
Your Emergency Plans must be updated to reflect these changing times.
Related Articles
Simple Steps for Securing your Small Business
Fire Safety Rules for your Business
Burglary Prevention: Risk Assessment for Small Business