In last week’s blog on ‘What is Business Continuity Planning and Why it’s Essential’, we looked at why a successful business continuity plan is essential, what it is, and a quick look at how to build it. Now we’ll dig into the essential elements of creating a plan that works.
When you sit down and take a long look at your company structure and set up, how the culture “attacks” problems, and how often exceptions come up in your processes, you’ll probably find more to add to this list. Generally speaking, though, these are the basic essential building blocks of a continuity plan. Don’t let these high-level illustrations mislead you. Each one should be given real time and consideration and include all the leaders in your company, so no surprises are found at a critical moment.
*It’s important to note that HDCav does not provide legal council and is not legally responsible for the advice and suggestions in this article. The content is offered as awareness of the possible scope of response and planning, and it in no way implies suitability to a particular organization or comprehensiveness.
Essential Elements of a Continuity Plan
Response: Gather a list of key contacts
One of the most important elements in your business continuity plan is creating a list of all the important contacts who should be informed of the disaster. There should be two lists, internal and external:
- C-level executives
- HR manager
- IT manager
- Client-facing managers, etc. Don’t forget that anything that impacts the clients will impact client-facing staff, so don’t be shy about sharing with employees who may pick up a phone or answer an email. Nothing is more frustrating to a customer to call about a frightening issue only to find the person they reached out to has no knowledge of it.
- B2B Companies
- At least one contact at each client company should be notified. This can be the owner or primary contact all the way up to every contact in your system depending on the type of issue and the severity.
- B2C companies
- Every customer who may be impacted by the issue. Remember that any interrupted or slowed processes will affect the customers, so being honest about what they should expect is typically the best way to go. Of course, some issues like customer data theft are very sensitive so be careful.
- Likewise, any company partners and/or vendors that may be affected. Don’t forget the other companies that support your own.
- If security is breached resulting in monetary issues, submit a fraud alert to make sure you’re not unnecessarily demerited for the issue. The same goes for notifying your bank and other financial institutions.
Inventory: Create a comprehensive list of your IT assets
Your business continuity plan should contain a list of all the software, apps, and hardware that you use in your daily operations. This list should identify each as critical or non-critical and mention related details such as:
- Name of the software, app, or hardware
- Department and/or end user that it supports
- Frequency and intensity of use
- Version/model number (for software/hardware)
- Warranty/support availability details
- Vendor name and contact information, including customer support information
Data: Backup information
Data backups are critical to ensuring productivity, users, and customers are affected as little as possible. So, your business continuity plan should include all the information you have about your data backups.
- How often data is data backed up
- What formats does the data exist
- Where does the data live
- Who owns the data back up process, including contact information
- Who owns the data reinstatement processes, including contact information
Operations: What’s your Plan B?
Make sure your plan lists a backup operations plan that will go into effect in the event of a disaster. Examples include alternative workflows such as options to work remotely or to allow employees to bring their own devices to work (BYOD) until the time regular business premises or systems are ready.
Logistics: Floor plans and location
Your business continuity plan should also include floor plans of your offices with the exit and entry points clearly marked up, so they can be used in the event of any emergency. It should also mention the location of data centers, phones, key IT systems and related hardware, and who has the keys or access codes to them.
An easily overlooked item is the how of a continuity plan. Make sure that it clearly defines the Standard Operating Procedures to be followed in the event of an emergency. These should all map the elements above (and any others illustrated) to the outline of how these elements should be addressed, by whom, and when.
You’re Not Alone
If this feels overwhelming or if this seems too complicated to give it any real attention now, don’t let that stop you. Many small businesses don’t have the ready resources to dig into this level of planning, but that can prove fatal to their business later. A qualified MSP like HDCav can help you understand the intricacies of a business continuity plan that would work for you. Just contact us to find out how.