The world is changing faster than ever. Is your business continuity plan keeping pace?
Between the COVID pandemic and ensuing shutdowns, supply chain debacles, labor shortage, gas price hikes, increased cyber threats, the war in Ukraine, catastrophic weather events, and now, uncertainties surrounding the economic environment, the last three years have proven time and time again that continuity planning should be a regular, ongoing part of running a business.
A business continuity plan proactively anticipates internal (i.e., you suddenly become incapacitated) and external (i.e., a global pandemic) events that can disrupt your business and defines how you’ll prevent, mitigate, respond, and recover. At the end of the day, a plan can help you maintain operations, minimize the impact on your business; protect staff, finances, and brand; and return to normal as quickly as possible.
Take a ransomware attack as an example, since it can shut down operations for an average of 20 days. Your plan would detail what you’re doing to prevent an attack; how to minimize the impact should an attack occur; how to keep operations going despite an attack; and what you would need to do to get business operations back to normal ASAP.
Developing the plan should be a team effort among key people in your organization. That way, everyone knows the protocols to follow and can react with speed and clarity should the need arise.
According to InvenioIT – an industry leader in business continuity, data protection, and IT security, your plan should identify objectives and include important contact information; risk assessments; business impact; prevention; response plan; systems planning; backup locations, and assets; communication plan; testing protocols; and gaps and recommended fixes. (Refer to InvenioIT for details.)
The U.S. Department of Homeland Security along with FEMA developed a free, downloadable business continuity planning suite. It includes training resources, a plan template, and test scenarios.
Perhaps one of the most challenging parts of continuity planning is figuring out how to prioritize what your plan should focus on first.
ContinuityCentral.com’s article, “Myth Busters: A Business Continuity Statistical Mystery Solved?” (Geary Sikich, Feb. 19, 2020) includes a list of questions that can help you prioritize – here are my favorites:
- “What are the three to five scenarios that could put our company out of business?
- Do we have a set of early warning indicators for emerging threats to the business?
- Are we developing accurate assessments of the issues facing our organization (direct, indirect)?
- What opportunities have we missed over the past three years due to inaction rather than lack of knowledge?”
You may also want to check out Accenture’s research report on operating through volatility, which includes a five-pillar framework for understanding immediate and potential future risks:
- “The people that power the organization
- The overarching strategy of the organization and how it differentiates the company
- The systems that underpin operations, both internally and with customers
- The supply chain and operational network that allows the company to fulfill customer needs.
- The partner and customer ecosystem and its alignment to business goals.”
Since so many factors impacting business can change on a dime, be sure to review and update your continuity plan at least every six months.
While you’re focused on protecting your business, let RBT CPAs focus on protecting you by providing professional, ethical and top-notch accounting, auditing and tax services. We’ve been serving businesses in the Hudson Valley and beyond for over 50 years and believe we succeed when we help you succeed. To learn more about what RBT CPAs can do for you, give us a call today.