Response. Recovery. Resumption

Hurricane preparedness can safeguard your business

• By Deven Kichline
• Nov 05, 2007

Since the unprecedented destruction of hurricanes Wilma, Rita and Katrina two years ago, the spotlight shines on the need for strong business continuity plans. A crisis such as a natural disaster requires proactive management and quick action to prevent business interruptions and enable quick recovery. The only way to deal with a non-preventable disaster, such as a hurricane, is to be prepared in advance: Have a plan, know how to implement it and be able to improvise when the unexpected arises. The hurricanes of 2005 serve as a wake-up call to small and large business alike—they must have the tools to answer the call when disaster strikes.

Business continuity refers to the business procedures in place to ensure that critical functions continue during and after a disaster. Sometimes, lost business functions are inevitable during a natural disaster. That’s where a BC plan becomes invaluable. It outlines specific steps to keep the business up and running while lost functions are recovered.

Assessing Risk
Any crisis requires swift action—especially when the devastation and duration of the crisis is as dramatic as Hurricane Katrina. If a BC plan is already in place and decisions have been made ahead of time regarding implementation of the plan, those actions can be taken immediately to lessen the impact. The plan should be a living, breathing document, free to grow and change with the growth and changes of the company.

A risk assessment is a systematic process for assessing probable disruptive events. Risk profiles vary from business to business. The company’s location, how facilities and branch offices are connected, the type of information technology infrastructure being used and how the business is run vary greatly and can change the risk profile. For example, businesses in the Southern states are more likely to be impacted by a tropical storm and less likely to have business flow interrupted by a blizzard, which is more common in the Northeast.

While disaster can strike anytime, anywhere, a risk assessment focuses first on the risks that are most likely to impact the business. Identifying threats, calculating impact and developing organized responses to these risks are the key to business continuity. And, unfortunately for many companies in the United States, the threat of hurricane and tropical storm interruptions will be an important factor in the BC plan.

Top-level management must support the company’s contingency plans to improve communications, decision making and plan implementation. From the start, involve management in the plan’s development and keep them updated to changes as they happen. Identify which employees will be responsible for which tasks during an emergency, and make sure those employees are familiar with the plan and are able and willing to carry out those duties. Make the plan accessible by providing those employees—and all top-level management—a copy of the plan for reference if a crisis should occur. This ensures all acting parties know what to do, how and when to do it and have a reference source in case they forget. Promotion, education and testing are the key tools in the preparation process.

This is a Test
Once a plan has been developed, test it to see if works. Procedures that look good on paper often fail when they are implemented for unseen reasons. It’s better to learn the downfalls of the plan before disaster strikes rather than during a crisis when it’s often too late. Practice implementing the plan from start to finish to determine its effectiveness.

Tests should include orientation exercises that educate new personnel about the plan or introduce changes to the plan. Hold regular drills to monitor actual field response of a single emergency response function. A drill should involve all responders in a single location and should be practiced under realistic conditions.

An effective exercise to test a newly developed or altered plan is the tabletop, or walkthrough, exercise. This meeting allows for review and discussion of the plan without performing any of the actions. It also can help ease fears for employees and management and pave the way for the granddaddy of them all: the simulation, or mock, exercise. A fully simulated disaster scenario “role plays” response, recovery and restoration activities in an abbreviated timeframe, representing hours and days. This helps evaluate the operational capability of teams and individuals in an interactive setting to see if the plan will be successful under actual operating conditions.

All these tests will help determine the weaknesses of the plan, allowing you to draft a way to strengthen and improve those areas. In other words, testing will help build a more effective plan.

A Step Ahead
The unprecedented magnitude of Hurricane Katrina caused major disruptions that exceeded the scope of many business continuity and disaster recovery plans. The storm demonstrated that a disaster can cripple landline and cellular telephone services, so develop a communications plan that includes multiple channels, such as telephone, text messages, e-mail, two-way radios and personal data assistants. By using a number of different channels, you will increase the likelihood of making connections if one channel fails. Another good plan to increase the odds of communication success is to choose emergency contacts outside of the business’ operating area—people who can contact employees, managers, customers, vendors and government agencies if disaster should shut down communication channels at the office. Or look at satellite telecommunications as an alternative. Anticipate disruptions in communication channels and make plans with these disruptions in mind.

Finally, stay informed of potential threats—including natural disasters—so proper measures can be taken ahead of time to decrease negative impacts. Keep current with breaking local and national news, check weather reports and consult with others in your area. For hurricane-prone areas, the National Weather Service Storm Prediction Center can serve as an excellent resource. It provides forecasts, advisories, live radar maps, projected storm paths and storm tracking. Its parent organization, the National Oceanic and Atmospheric Administration, predicts changes in the Earth’s environment, tracks dangerous weather and charts the skies and oceans. Consult these services to stay one step ahead of potential weather-related disasters and safeguard your business against natural threats.