An essential part of your security strategy: Planning for emergencies
Most entrepreneurs prefer not to think of the many things that could go wrong in their business—particularly an emergency that could grind operations to a halt.
Indeed, emergency preparedness and disaster response planning is typically low on most entrepreneurs’ list of priorities. But small and medium-sized businesses are facing increasing threats nowadays,everything from cybersecurity vulnerabilities to climate change-related weather incidents that pose a substantial risk to their bottom-line.
Clean up or disaster recovery from an event such as a fire, flood or wind damage is only one part of the problem. Business continuity is another major challenge. It’s one thing to cope with an emergency or disaster-related event,but another one to restore your business to full productivity and profitability in the aftermath.
In my last column I wrote of the need for organizations to take an integrated approach to security, one that takes all potential vulnerabilities into consideration and leverages the latest technology to keep their people, property and assets safe. Developing an effective emergency response and business continuity plan is an important part of that strategy, and it’s typically a four-part process:
Governance and structure—Assess what policies and infrastructure you have in place to manage a potentially catastrophic event. Do you have managers ready to enact your plan and ensuing business continuity programs? Most importantly, are those plans integrated across your organization to ensure the response from departments and key stakeholders are in alignment?
Risk assessment and analysis—One of the most involved aspects of developing an emergency response plan is identifying potential risks across your organization and thinking broadly about what could go wrong. That could involve everything from the roof of your factory caving in during a wind storm to a massive data breach that compromises sensitive customer information. It’s not only the risk itself that needs to be assessed, but also the impact on the business as a whole, including the cost of recovery, the effect on employee morale and client relations, along with your company brand.
Plans and procedures—Your management team needs tools at the ready when a worst case scenario plays out. That means having those aforementioned emergency procedures available to deploy at a moment’s notice, along with a communication strategy to keep stakeholders informedand a business continuity plan to ensure product and service delivery continues without interruption.
Sustainability and improvement—The only way to make an emergency response plan work is to ensure that your entire organization—from senior leaders to middle managers and staff—are trained to implement and follow it. That requires adequate training, semi-regular exercises to simulate a response to a major challenge and then auditing the plan and developing updated procedures as your business evolves and response requirements change.
This needn’t be an onerous, time-consuming process. Work with your management group and either internal security team or external provider to help develop and maintain your emergency response plan. The most important takeaway here is that proactive preparation is the key to ensuring that when the worst happens, your business success won’t be compromised.
Winston Stewart is the President and CEO of Wincon Security, a Scarborough, Ont.-based security firm that has delivered property monitoring and protective services to retail, commercial, industrial and condominium clients across the Greater Toronto Area for more than 25 years. For more information, visit www.wincon-security.com