407-445-2414 info@wrmllc.com
Expect the Unexpected: Mitigating the Risks of Natural Disasters

Expect the Unexpected: Mitigating the Risks of Natural Disasters

As we’ve seen with the recent Kilauea volcanic eruption and last year’s catastrophic hurricane season, natural disasters are becoming more frequent and dramatically more powerful. In fact, NOAA recently reported that weather and climate disasters reached an all-time high in damage costs within the United States, exceeding $300 billion in 2017.

In the face of these increases, companies have a social responsibility to maintain a strong disaster recovery strategy. How can your company prepare to combat the risks from these seemingly unpredictable events? Implementing a proactive risk management approach can help companies better prepare themselves, their employees and their communities to minimize damage and loss in the face of these destructive events. But these strategies cannot simply be created when a natural disaster strikes. As with anything, careful planning before a catastrophe happens is vital to the continued health and success of a business.

When developing these strategies, it is imperative that both pre- and post-disaster planning is included in the mix, as each plays a critical role in ensuring your ongoing operations.

Maintain a pre-event strategy
It’s important to remember that when a natural disaster strikes, there are both direct and indirect costs to a company. How you plan and address these costs can either save or destroy your business.

With today’s technology, we have the ability to monitor most natural disasters and maintain a better idea of when and how hard they will hit. This isn’t always the case, however. While hurricanes can take time to form before making landfall, oftentimes tornadoes and wildfires happen overnight, making it critical to have disaster plans in place before a disaster strikes.

There are three main areas companies should consider when creating a preemptive disaster strategy: 1) supply chain, 2) employees and 3) business infrastructure.

Maintaining a timely and accurate risk strategy for your company and your employees is incredibly important to protect all of these assets. First, it can help protect your supply chain by providing time to divert your supply chain operations from problem areas.

Additionally, it is imperative to be mindful of conditions affecting your various suppliers and how their potential risks can affect your operations. Armed with this knowledge, you can proactively develop supply chain diversion strategies to maintain efficiency and production. While you may not have the threat of a natural disaster, one of your largest suppliers might. So think ahead, make a backup plan and monitor both your own operations and those of your supply chain.

As we all know, employees are central to each and every business. An established risk mitigation strategy will include notifying employees so they have time to protect themselves and their family. It can also help management decide if and when to send employees home to help keep them safe.

Finally, a preemptive strategy needs to consider the effects of a disaster on business infrastructure. How will you prepare your building and operations for the threat of a flood or tornado? Do you have access to the proper reinforcements and equipment to accomplish these preparations? A well-established pre-event risk management strategy can help with these issues and also minimize damage so that you are not left picking up the pieces of what could have been a protected building or warehouse.

Implement a proactive post-event strategy
When developing a post-event disaster plan, the best strategy is to think long-term, as short fixes are just that—short fixes.

Consider the upstream impact of the disaster. Damage to raw materials and supplier areas can amount to huge indirect costs. So how can you avoid this? One way is by ensuring your pre-event plan is efficiently put into effect and is able to redirect any necessary supplies. It is also imperative to have a successful remediation strategy in place to recover from the effects of a disaster for both your operations and those of your supply chain. Be prepared to re-establish your supply chain and be sure it is completely intact post-disaster.

Many disasters also have long-lasting impacts that cause companies to have a lengthy rebuilding process. Have a plan for secondary supply chain options to ensure ongoing operations in case a supplier is out of service for a longer period of time. The problems don’t end when the disaster ends, so be sure to build out contingency plans for your operations through the potential recovery months.

Your post-event remediation strategies must also consider your physical office environment. Ensure there is a plan to check that equipment is operational and know how to repair or find replacement equipment to get operations up and running as soon as possible. Focus on rebuilding the business ecosystem from the supply chain, to operations, to your employees.

Finally, consider how you will get your employees back to work, and not just for the immediate future. Invest in your employees, and they will invest in you. After natural disasters, your employees could be facing damaged or destroyed homes, the loss of loved ones and even personal injuries. Look at what the company can do to help ensure their well-being so that they are willing and able to return to work.

Inevitability doesn’t have to mean susceptibility
Regardless of location, natural disasters are going to occur that affect you and your business to some extent. That is a fact of life. But it doesn’t necessarily mean that your company is susceptible to the significant damages and costs associated with these disasters.

Maintaining open lines of communication with your leadership and employees will help you develop and implement a strategic plan before and after nature takes its course. As we face the upcoming hurricane season and other inevitable disasters, it is better to mitigate the risks and susceptibility so that your “in case” plan doesn’t become “we should have.”

Source: Risk Management Monitor

Author: Quin Rodriguez

The critical role of processes in your disaster recovery strategy

The critical role of processes in your disaster recovery strategy

Yet with the ever-increasing threats from both natural and man-made disasters – from the devastating fires and flooding in California last year through to the recent impact of Intel’s chip flaw that opened the door to potential hacking – is there anything more that IT departments can do to perfect how their organization both prevents and reacts to business disruptions?

Surprisingly, more than 1 in 3 businesses admit they don’t have a disaster recovery policy in place, a figure that is even higher amongst smaller businesses where an estimated 3 out of 4 are reported to have no contingency measures at all.

With our increasing reliance on technology and the reluctant acceptance that most technology is vulnerable to potential downtime, the CIO or IT manager is the obvious choice of leader to take responsibility for the whole disaster recovery plan, whether it’s due to a technical problem or other factors.

The ripple effect of abnormal events not only affects the IT department but can have serious repercussions on all daily operations including financial management, customer experience, HR, and workflow, etc.

Whilst CIOs regularly consult with other members of the C-suite on devising a risk management strategy, there are significant advantages to garnering the support of key employees across the whole organization, on a continual basis.

To ensure your disaster recovery plan anticipates every eventuality it’s essential to get ‘buy-in’ and input from all departments, so you can be confident that your plan is as informed, up to date and effective as possible.

Here are some recommendations on how to maximize the knowledge, creativity, and strength you can draw from key players across the organization.

Produce a clear mandate

During ‘business as usual’, a robust process management discipline and a strong process culture provides a firm foundation for teams to document and develop new and innovative ways of working and can help a company drive competitive advantage and innovation.

However, do employees know what processes to follow when the extraordinary occurs? Whether the Internet or phones go down, sensitive customer data is stolen, or severe weather stops them from getting into the office, clarity, and communication of disaster recovery processes is just as important as the plan itself. Every member of staff needs to know when and how to trigger a disaster recovery response, as well as be aware of who else is part of the team.

Part of the CIO’s remit should be to oversee the design and build of processes that are easy and clear for all personnel to find and follow, every day. In a disaster situation, it becomes imperative for staff to act with minimum delay, limiting the damage that could result from a disaster.

Build easy to follow checklists

One way of communicating unequivocally is to introduce simple checklists as advocated by US doctor, writer and speaker Atul Gawande in his book “The Checklist Manifesto”.

By getting the basics right, well-designed checklists have been proven to cut through unnecessary complexity and encourage transparency, leading to a 35% reduction in complications in hospital operations. These same fundamental principles can be applied to the corporate world where teams are responding to an emergency or extraordinary incident.

You also need to consider how and where to store this critical process information and make it easily accessible to all key staff.

Stage regular ‘fire drills’

Like most insurance policies you hope you’ll never need to claim on them, but you need to know that you’re fully covered. Regularly testing and modifying your disaster recovery processes will keep them up to date and make sure they work. Set up simulation exercises to rehearse what everyone’s roles are during a catastrophe.

With today’s accelerated pace of business change, a month-old plan may soon become obsolete. Organizations need to monitor changes in general circumstances like impending legislation. They also need to be sensitive to company or market-specific conditions such as when a key person leaves and joins a competitor, a laptop goes missing or perhaps a product needs to be recalled.

As soon as a new threat appears on the horizon it needs to be factored into the overall disaster recovery strategy immediately.

Crowd-source ideas and share responsibilities

With a collaborative and collective approach that encourages everyone to work as a group, it’s simpler to both create and follow agreed checklists so you can minimize the impact of unforeseen circumstances.

Employees on the front-line are often best equipped to advise on what level of impact disruptions may have on themselves and other departments. For example, the service manager can give the most insight on the scale of a spike in customer enquiries after your IP network goes down.

By leading the charge for a proactive, constantly-evolving approach to disaster recovery, CIOs can be confident that the entire operation is fully prepared and protected for when the unexpected occurs.  Rather than panic-stricken employees bombarding you with support calls, instead there is state of relative calm as everyone already knows what they should do and can focus on executing an agreed plan.

Putting in the advance groundwork during quieter times not only leads to cooler heads during more turbulent times, but will also make a tremendous difference to your customers, employees and future business performance.

Source: CIO

Author: Ivan Seselj