October 8, 2018

Article written by:
Ed Bannen
Assurance Manager

Lately, it’s hard to go a week without seeing natural disasters, cyberattacks, misconduct of personnel, or other political issues dominating social media and other news outlets. These issues may seem interesting, sad, or appalling, but likely will not impact you or your company. Well, you know what they say, “Hope for the best, prepare for the worst.” And by prepare, we mean have a plan. These plans don’t have to have significant costs, but the reality is that any incident will be significantly more expensive.

Disaster Planning

Prevention measures are always near the top of the priority list and very necessary; however, completely avoiding all crisis is becoming more impossible. For example, cyber threats are evolving faster than preventive measures can anticipate. So what can you do? Simply have a disaster recovery plan. Every crisis you can prevent or prepare for will have significantly less cost.

  1. Build a culture that is aware of the risks and supports company controls designed to prevent issues.
  2. In the event of a crisis, companies should have defined roles, responsibilities for decision making and communication. This will require prior discussions on various potential issues. We all have seen the ‘what not to dos’ in recent years as the media highlights them. Find an example of a company that had something potentially serious happen and what they did to prevent the media from covering it more than once.
  3. Have key external advisors (insurance, data management, forensic accounting, lawyers, etc) identified prior to issues. These prior conversations will (1) help them be better prepared for assisting you and your business as well as (2) help you identify gaps in your preventative planning.
  4. During the crisis, keep all inquiries and communication from a central location where messaging will be uniform, consistent and accurate.
  5. Have a plan for how the business will operate under various scenarios; business CRM down, distribution facility hit by a tornado, fraud, cyber breach, etc.
  6. After an event (and sometimes during), identify and determine a remediation. Consider analyzing the situation for any underlying or systemic problems which led to the crisis.

GBQ is happy to provide assistance throughout the process. Please contact us if you would like to learn more. And remember, this issue is likely to affect all of us at one point; it is best to be prepared.

 

« Back
Tags: Operations