Develop a disaster recovery plan for your business

While managers at businesses of all sizes would crave the prospect of having complete control over their firms, the reality is that the running of a firm is becoming an increasingly precarious business. The recent political climate has, realistically, not been conducive to the smooth working of businesses, particularly with the fallout from the 07/07 bombings in London still being fresh in the memory. Or what about the Buncefield disaster at an oil depot in Hertfordshire in December 2005? The blast, which was allegedly heard as far away as Holland, is still being borne by homes and business. And, perhaps most topically, recent inclement weather, causing high winds and even flooding in certain areas of the country, might alert businesses to the potential dangers. Indeed, the Association of British Insurers last week indicated that high winds and heavy rain were likely to increase the dangers to property owners and see insurance claims rising. Commenting on this seeming apathy among businesses, the managing director of communication solutions provider Mitel UK, Graham Bevington, has said: "Although business continuity has become a higher priority, it's clear that the vast proportion of UK firms are ill-prepared to maintain operations if employees are unable to get back to work."

But are businesses taking heed of the obvious measures? Research would suggest that they are not being as pre-emptive of a potential disaster as they should be. Figures released by Continuity Central this month show that approximately half of firms in the UK said they did not have sufficient plans in place to deal with events such as a flood, fire or act of terrorism. Sole traders appear to be even more apathetic to potential disasters, with over a third of respondents who participated in the survey saying they had a procedure in place to deal with an unforeseen event. Some appeared to be nonchalant about the potential effects, with 29 per cent saying it was unlikely to affect them, while 11 per cent said they had no time to deal with the problem. Mitel says that retailers are the most disinclined to plan for the unexpected, with almost two thirds taking more than 48 hours and 28 per cent taking over a week to get firms in working order again, a predicament likely to adversely affect many, especially smaller retailers.
Small firms with more than ten employees appeared to be more alive to the benefits of implementing a disaster recovery plan, with 57 per cent suggesting they did have sufficient measures in place. More generally, small businesses might have less time and resources to implement a disaster recovery plan, so the above statistic would seem to show that larger businesses may be apathetic. Despite appearing to be burdensome, efficient planning for the eventuality of a disaster does not need to be the Byzantine task that many might believe it to be.

One of the most important measures to undertake first in the construction of a suitable disaster recovery plan would be to assess the impact of likely events. This could involve specially designated members of the team working out the risk(s) likely to threaten a firm most significantly. While some of the most obvious threats include fire, storms and floods, firms should also take into account the potential threat of less obvious problems, such as the death of an employee or the emergence or failure of a new competitor. By identifying these problems, firms of all sizes will be able to decide which risk to protect themselves from with the greatest urgency.

Developing the plan may then become necessary to work out how the firm would most successfully tackle a threat – in the form of a business continuity plan. The manager of an organisation might like to consider issues such as how disruption can be minimised, how the normal functioning of a business can be maintained, and, if problems have been severe, how to return a business to normal operating procedures as quickly as possible. Once a continuity plan has been successfully formulated, testing the plan to see if it will work adequately will be a necessary procedure to undertake. Many commentators believe this to be the most important part of the process because it is by testing that the plan can gradually be evolved over time and planning can be undertaken to assess how a business will continue operating in the face of an interruption. While recent research conducted by Strohl Systems and CPM-Global Assurance has found that over half of organisations who took part in a poll have exercised their plans, the president of business continuity group Strohl, Brian Turley, stressed the importance of testing a plan. "It is encouraging to see businesses testing plans, but the number of businesses with an untested plan is still too high. Those organisations are needlessly risking their operations by blindly trusting an untested plan," he said.

So, the threat to business continuity may be a greater possibility from any angle. This may be apparent in the field of IT, with businesses increasingly relying on IT systems to go about their daily tasks. However, despite the fact that recent research by AMI-Partners shows that IT expenditure will amount to £18 billion this year, firms must realise that they cannot be vigilant enough in their efforts to make continuity as smooth as possible. It should be a business' aim to recover from such incidents as quickly as possible and the implementation of a comprehensive disaster recovery plan may be the best way of mitigating against unexpected events.