Business continuity plans are typically put into action in response to an internal emergency like a ransomware attack or physical facility damage. In some cases, a significant weather event, such as a hurricane, can trigger plan activation for multiple organizations at once. The COVID-19 pandemic, however, interrupted business processes for companies everywhere.
We’ve already been through several months of unusual circumstances, and it’s not certain how long it will continue. Most business continuity plans don’t take into consideration the type of long-term upheaval that we’ve seen during the COVID-19 pandemic. In order to maintain your company’s activities, this is a good time to reassess your business continuity plan.
Planning for Long-Term Disruption
While business continuity plans address interruptions, they typically aren’t designed for long-term disruption. The COVID-19 pandemic that appeared to be a short-term disruption in the first quarter of 2020 has now extended several months with no resolution in sight. Companies are having to rethink nearly every aspect of their operations. Business continuity plans have been put to an extreme test in some cases.
No matter how well your business has weathered the pandemic over the course of the year, you will want to revisit your plan. Reassessment is important, particularly if you want your company to survive these kinds of events in the future.
Steps to Reassessment
Much of what you must reexamine will be familiar territory. Your updated business continuity plan will cover many of the same elements:
- Understand the value of your assets (data, hardware, software, processes, staff)
- Identify your stakeholders (owners, customers, partners)
- Define the core purpose of your plan (resume full operations, partial operations, delay resuming operations)
- Determine circumstances in which plan should be put into effect (who has the authority to trigger it, who is responsible for what)
- Define Recovery Time Objective (how long before resuming full operations)
- Define Recovery Point Objective (how much info loss can be tolerated)
- Determine Maximum Acceptable Outage (how long you can be down)
- Define Minimum Acceptable Service Level (the least amount of acceptable performance)
- Determine how you will notify stakeholders when the plan has been triggered (schedule of notification)
You may find that some of these points have changed over the course of the pandemic, while others haven’t. It’s important to examine every part of your plan from the perspective gained through experience during the pandemic.
Long-Term Business Continuity Planning
Pandemic planning requires that you take a look at the (much) longer term. You may not be able to resume business as usual, with staff on-site, for many months. Some of the items you will need to consider include:
- How do you prepare your staff for long-term remote work?
- What happens when one or several of your suppliers are unavailable?
- How will you keep your procedures and protocols consistent over the long term?
- How will you address data security while your employees work remotely?
- Are there industry regulations you must adhere to even as your day-to-day environment changes?
- Do you have a documented plan to scale your response efforts depending on circumstances?
- Is there a defined strategy for leadership continuity and/or succession?
- How will you deep clean your facility during lockdowns?
The lessons of the COVID-19 pandemic will be different for every business. Just like your business continuity plan is specific to your company, the changes you make will reflect the needs of your company over the long term. The hiccups and challenges faced as a result of this pandemic are pieces of valuable information for future planning.
Partnering With an IT Specialist
With proper planning, regular testing, and reassessment, your business can stay operational no matter what kind of emergency arises. As you examine your company’s pandemic response and reevaluate your business continuity plan, you may need assistance. A technology partner like Lieberman Technologies can help you to determine how and where to revise your IT security. We can help you test portions of your plan and make recommendations for improvements.
Contact Lieberman Technologies for more information!