This is the third and final installment of our business resiliency best practices, outlining preparedness elements to have in place before a crisis. Part one offers guidance on responding to an active crisis. Part two addresses components of a post-crisis recovery.
As you implemented your crisis response and recovery strategies, you no doubt realized that the most effective way to respond to a business interruption incident, be it cyber attack, global pandemic, natural disaster, etc., is through careful preparation.
Whether your crisis plan was not sufficiently detailed, had out-of-date information, or for some other reason was less than ideal, the best time to prepare for a crisis is when there’s smooth sailing. These six items will help you lay the groundwork for business resiliency.
CRISIS PREPAREDNESS CHECKLIST
Response Team | When an incident occurs, your partners, clients and employees will need timely information. Empower individuals to take on specific response roles, including communication and incident monitoring. Designate a project leader to lead the response team and designate an alternate in case the project leader is unavailable to lead the team. In many organizations, the risk manager will serve as the project leader. Create an Office Playbook detailing the responsibilities of individuals on the team.
Secure Important Information | Every business has critical documents such as business account information and sensitive data. Develop a plan with IT to have this critical information secured and backed up offsite.
Review Before You Renew | Work with your broker to conduct regular insurance policy reviews to avoid coverage gaps that can be created as your business grows and changes. Explore the coverages found in pandemic policies with your broker as well.
Know Your Supply Chain | Your suppliers and service providers must comply with certain regulations and standards to avoid putting you at unnecessary risk. Moreover, you need to have an understanding of who their suppliers and service providers are and how they are verifying safe practices. Ensure you have the contact information of backup suppliers should you need their services.
Staff Training | It’s important to ensure your staff is properly trained in routine cyber hygiene principles, such as how to identify suspicious sites and emails. Coordinate efforts with IT to conduct frequent training with staff and develop a Cyber Hygiene Playbook.
Establish a Line of Credit | The ability to quickly access a line of credit is critical in preparing for an incident. Ensure you have communicated with your financial institution and established a line of credit to gain access to cash as needed.
A thorough and effective crisis management strategy could be the key to surviving a business interruption event. While this checklist is designed to help to help businesses build resiliency and provide guidance through perilous times, sometimes companies need assistance in establishing their strategy. When in doubt, consult with experienced risk managers who can take your organization step-by-step through the process.