Unfortunately, companies don’t receive warnings ahead of a catastrophic event. No matter what the event may be — a data breach, natural disaster, healthcare crisis or some other disruptive event — incidents will always happen with little notice. In some cases, these incidents could spell the end of a company. According to the Federal Emergency Management Agency (FEMA), “40% of small businesses never reopen after a disaster, and another 25%, that do reopen, fail within a year.”
While disasters are never easy to handle, there are things businesses can do now to limit the impact of a catastrophic event. One of those things is developing a business continuity plan (BCP). BCPs provide organizations with a plan of action in the event of a disruption.
BCPs are not one-size-fits-all. Depending on an organization’s needs, the plan could cover personnel, key inventory and anything else deemed important during a crisis. The plan won’t be a simple, one-page document. Rather, it will involve multiple aspects of the business and be written in a way that makes sense for any employee, no matter what level.
By having a BCP in place, companies can prepare themselves for adverse, unpredictable events. Here’s how a business can go about creating a business continuity plan of its own.
1. Create a checklist.
Think thoroughly about what you want to be included in your BCP, and start to compile all the necessary pieces in a checklist. Be sure to include things like critical processes, responsible personnel and a communication plan. Beyond what’s included in the plan, think through how the plan could change depending on the situation. Where will the plan be located should an emergency arise? These are all things that need to be established before moving forward with a BCP.
2. Establish the right team.
Developing a BCP is not a one-person job, nor do you want to include too many contributors. Instead, organizations should be thoughtful about who participates in the development of a BCP. Incorporating individuals from different departments, roles and levels will ensure all voices are heard. No matter who is involved, there needs to be a level of support from company executives. Without their buy-in, the BCP will ultimately stall and not be a top priority for the rest of the individuals involved.
3. Identify critical business areas.
For this step, organizations must assess their business as a whole, including assets, people and processes, as well as the harm a potential disruption could cause to each of them. To get started, take a look at what brings in revenue for the business and which customers would be impacted by significant disruptions in those different business areas. From there, businesses can start to get a sense of the potential financial impact and use this information to develop an effective BCP that preserves critical aspects of the business.
4. Bring the pieces together.
With the previous steps complete, it’s time to bring all the pieces together and connect the right people to the appropriate business functions in the plan. Communication is important during this process and will remain important when it’s time to execute the BCP. As previously mentioned, clearly establishing who will be in charge of what will help increase an organization’s odds of business continuing without a hiccup.
5. Test, review, test. Then repeat.
Once you’ve created a draft BCP, you might think the job is done. However, to truly be ready for anything, companies must continue testing the BCP to ensure all parties involved are ready in any situation. Take the time to find the weak areas in the plan and remedy them as necessary or, if tests don’t go so well, consider starting over entirely. Even when the plan is finalized and approved, organizations need to review the BCP on an ongoing basis to ensure it’s always up to date. The testing frequency will be unique to each business, but be sure to test at least two times a year.’
There’s no way to perfectly predict when a company will experience a catastrophic event. By having a BCP in place, organizations can feel prepared knowing there are guidelines on how to handle an adverse event so they can emerge even stronger than before.