Business continuity plans shouldn't focus entirely on natural disasters. While fires and floods can take out your office and your data, the larger threat is human error. People make mistakes. Human error can cause your business to lose a single important file, account, server, or completely shut down your critical systems. Not only should you plan ahead for these kinds of mistakes, but you should also follow these 7 Key Principles to ensure a well-rounded Business Continuity Plan.
1. Get employees involved. Business Continuity plans only work if everyone understands them. Employees are also a great source of ideas and insights about how your business might be affected by a disaster. So business must communicate Business Continuity plans to employees regularly — and actively solicit their input.
2. Keep customers in the loop. Customers are the lifeblood of every business. They should be treated as such even during a disaster. Alerts on the company website, email broadcasts, social media and text messages to key contacts’ mobile phones are all good ways for a business to express concern about the impact of a disaster on its customers. That level of service can even help transform a disaster into an opportunity for greater long-term customer loyalty.
3. Collaborate with suppliers. Businesses increasingly work in tightly interdependent networks of suppliers and partners. By working collaboratively with these third parties, businesses can make themselves even more resilient and well-protected against disasters large and small.
4. Periodically test and update Business Continuity plans. It’s not enough to formulate a plan once and put it on paper. Assumptions about a plan should be validated with real-life testing. Plans also have to be updated continuously to ensure that they accommodate changes in the business’s products, services, relationships, size, geographic reach, etc.
5. Factor in compliance. Businesses are subject to a variety of regulatory mandates that may require certain disaster preparedness measures. OSHA may be particularly relevant in regards to workplace safety.
6. Examine insurance options carefully. Coverages vary greatly, and policy language can be confusing. Businesses have to exercise careful legal and financial diligence to ensure that their policies cover all aspects of disaster recovery and revenue loss, not just the repair of initial damage. In some cases, it may make sense to obtain contingent business interruption insurance. This type of policy provides additional coverage for the harm a disaster can do to a business indirectly, for example, if a supplier in a different climate fails to deliver promised goods because of a local blizzard.
7. Data backup is not enough. Many businesses think they’re safe just because they’ve backed up their critical files. The problem is that those files depend on applications and systems to be of any use to the business. That’s why, in the event of a disaster, it’s essential to be able to run applications on-demand from virtual machines backed up in the cloud.