When the world is chugging along as normal and business operations only have the usual risks to monitor, it can be easy to put aside business continuity planning. But, as we’ve all discovered in recent weeks, anything can happen at any time, and businesses must be ready to pivot operations quickly, efficiently and safely as and when needed.
The quick global spread of COVID-19, colloquially known as coronavirus, has thrown the world into disarray. The markets are in a nosedive, governments are shutting down entire countries and most organisations are having to quickly embrace remote working to keep the lights on and keep clients serviced. Those who do not have the capability to support workers at home – and that are not essential services such as healthcare or sanitation – are currently going through a trial by fire, with operations stymied and revenue under threat.
Businesses are rushing to set up work-from-home arrangements, or take out subscriptions for online meetings and cloud collaboration technology. Priorities are shifting dramatically as we enter uncharted territory. This lack of preparedness could well see many businesses going under – but if those organisations had created a robust business continuity plan ahead of time, they would know exactly how to handle such a crisis and weather the storm.
What is a business continuity plan and why do you need one?
A business continuity plan, or BCP, refers to the process a company will take to prevent and recover from potential threats to the organisation. It ensures personnel and assets are protected and able to function in the event of a disaster, and is generally part of overall risk management – that is, best practice dictates that you consider your business continuity plan ahead of time, not when a crisis hits.
Your business continuity plan considers what those risks may look like – both physical threats such as fire or flood and those threats that are harder to pin down, such as hacks and pandemics – and then determines:
- How those risks will impact operations
- How you’ll implement safeguards, procedures and policies to mitigate the risks
- How you’ll test procedures to ensure that they work
- How you’ll review the process to keep it up-to-date
It includes a summary of the most critical business processes and functions – those aspects that, if they failed, your business would be unable to operate – as well as internal and external communication strategies, clear instructions for accessing and restoring offsite recovery data, any potential temporary offices or locations, and a change log that summarises any updates to the plan for version control purposes.
Without a business continuity plan, you risk your company and its people. Not only could the business fail, but you could also suffer financial loss, a tarnished reputation, and lost productivity. A physical disaster could also impact your employees, potentially causing injury or death.
Ensure continued – and secure – access to systems
With COVID-19 playing havoc with how companies go about their day-to-day activities, the priority for organisations should be on building business resilience. This means being flexible enough to go with the flow while maintaining operations at as normal a level as possible, all while ensuring your employees can access the systems and processes they need to do their jobs. It also means keeping a close eye on matters of cybersecurity.
Those companies that maintain on-premises systems have suddenly found themselves in a pickle, as workers are unable to come into the office with cities on lockdown. The question of how teams will access platforms is an essential part of business continuity planning, and something that smart risk managers had covered long before the pandemic hit. They had thought about how teams would access platforms, assessed what bandwidth they had available for that level of remote access, and had considered whether they needed a temporary increase in network capacity or licenses.
The security question, though, doesn’t just extend to moving to cloud-based operations; hackers and cyber threats will use any crisis to their advantage. Keep an eye out for phishing scams, DDoS attacks, and malware being introduced by employees keen to learn the latest developments in the crisis and not closely examining the links they click on. Security postures should include a review of systems you have in place to stop phishing campaigns and other inbound threat vectors before they hit employees’ inboxes, writes Jason Albuquerque for InformationWeek.
Related: Cyber Security and The Board
Creating a business continuity plan
While every organisation’s business continuity plan will be different, there are some common steps that companies should follow to develop a solid continuity plan. They include:
- Undertaking a business impact analysis to identify functions and related resources that are time-sensitive
- Identifying and implementing steps to recover critical business functions
- Creating a continuity team that will be tasked with devising a plan to manage the disruption
- Training and testing the continuity team, and ensuring they regularly go over the plan and strategies to mitigate risk and ensure they are kept up-to-date
By considering these things in advance, organisations can help to ensure business continuity when things get tough, protecting the business, its reputation, its people, and its customers.
The importance of technology to business continuity for legal operations
Of course, the march toward cloud-based technology to run essential business systems and processes makes business continuity planning a little easier. Once upon a time, you had to be in the office and on the network to access things like entity management software; today, there is a plethora of cloud-based options for all aspects of legal operations, compliance, governance, and risk management work.
Best-in-class providers of these systems are supporting their clients through the current COVID-19/coronavirus crisis, helping them to make sense of the craziness by providing online support, guidance, and tech triage. More than just a software provider, these organisations become an essential partner in times of crisis.
Diligent is one such company, acting as a partner to more than half of the Fortune 1000. Through its cloud-based legal technology platforms, Diligent enables proactive governance to help mitigate the risks of modern business. We believe every business should have the necessary business continuity planning and management strategies, plans, and procedures in place, fully tested at regular intervals, to drive the assurance that when disaster strikes, they’ll be ready. The cost and impact of not being prepared is usually far greater than that of being proactive.
Diligent works to enable business continuity planning by ensuring ongoing access to essential documents, contracts, and entity data through:
- Diligent Entities, which helps organisations to centralise, manage and effectively structure their corporate record to improve entity governance and improve decision-making
- Diligent Boards, which empowers boards and executives with the tools, insights, and analytics to securely access board materials, track company performance and gather real-time information
- Diligent Assurance, which helps organisations to confidently create, manage, and report on the obligations relevant to their business, and always be audit-ready.
Get in touch and request a demo to see how Diligent’s suite of cloud-based governance and compliance software can help drive your business continuity planning and ensure your organisation can continue to operate, no matter what gets thrown your way.
Most downloaded Articles:
Board Portal Buyer’s Guide
With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.
April 16, 2021
Top Trends in Governance, Risk and Compliance for 2021
“You need a good [GRC] system. You need the right data. You need to share the data and take those organisational learnings.” -Zeke Ward, Founder, North Star Compliance Over the past year, companies across industries have navigated diversity, equity and inclusion issues, managed intensifying…
January 29, 2021
Business Continuity Strategy: Options, Best Practice Approaches and Examples
There’s no shortage of things to consider when you’re upgrading your business continuity strategy. For instance: What should your plan cover? What are the critical inputs to the business continuity strategy? What are the different approaches and solutions available? What should the recovery strategies look like within your business…
January 19, 2021
Business Continuity Plan Advantages and Disadvantages for 2021
Do businesses continuity plan advantages and disadvantages exist? The importance of having a business continuity plan cannot be under-estimated. Business continuity strategies – sometimes referred to as disaster recovery plans – are an essential element of organisations planning. “The key to a successful, long-term business is not…