Hope is not a strategy. That’s a common refrain in the crisis-management space. Yet too many organizations of all shapes and sizes base their business-continuity approaches on just that: Hope. And maybe some secret prayers nothing will ever happen.
During this age of COVID, many businesses have nimbly pivoted and altered the way they do business. That deserves applause, and its proof that American ingenuity is alive and well even in the worst of times. But in our discussions with a range of business owners and leaders, almost all have said they would have suffered less loss had they had a plan in place to address what has befallen us in 2020.
COVID has starkly reminded us that threats are out there, many beyond our own making, and that one will eventually make its way to our door step. And that’s a hard moment when many businesses often learn that a failure to plan is a plan to fail.
In fact, the federal government estimates that greater than 50 percent of businesses across the country do not have business-continuity plans (BCPs). The feds also estimate that approximately 40 percent of businesses that face a crisis without a BCP or crisis-management plan will close within one year, about 50 percent will fail within two years, and nearly 75 percent will fail in three years. Those are sobering numbers.
Yet there are compelling arguments for having a BCP in place, such as insurance, contract and regulatory compliance. Most importantly is the fact it can greatly help an organization prepare to mitigate the impact of a business disruption, navigate through it with limited loss and cost, and recover more quickly. Of course, there is also the argument that a BCP can help retain customers, protect reputation, preserve the brand and maintain community trust.
So why don’t more businesses have a BCP in place? It’s a lack of understanding. Too many businesses don’t know what a BCP is, nor how it is developed. And some are just overwhelmed with the task, and kick the can down the road until it’s forgotten, or too late.
But BC planning is not rocket science. It’s really just a process to prepare. The level of complexity involved is proportionate to the size and geographical-breadth of an organization. But regardless, the process is very similar from organization to organization, and breaks down into these abbreviated steps:
- Identify threats and disruptions. Organizations should consider what likely crises or disruptions could hit their business in the next six to 12 months.
- Assess the impacts of those disruptions. Take a hard look at how each disruption could impact the business, and what operational areas and functions will it affect.
- Develop contingency strategies to avoid, mitigate and/or recover from the disruption. Consider and document what actions the business can to take to address the potential crisis or disruption, down to each operational area of the business.
- Determine resources needed to support the contingency strategies. Make a list of resources needed on hand or retained to support the actions steps to address the business disruption.
- Know your people. This is the step to identify the most important resource: People. Determine who will lead your crisis or BC team, and who will oversee implementation of contingency strategies for each operational area.
After these steps are complete, it’s important to walk staff and key vendors through a rough BC or crisis-management plan. Collect their feedback, encourage their push back, and use that input to refine the plan into a viable and documented roadmap for action if the need arises. From there, it’s important to conduct a table-top drill at least once per year, per scenario, and update the plan as appropriate.
This is a far better strategy for success than merely hoping a crisis or business disruption doesn’t happen. While a failure to plan is a plan to fail, it’s also important to remember the converse adage: Luck favors the prepared.
So, please, be prepared.
Stephanie McFarland is a senior issue-management consultant with Indianapolis-based McFarland PR & Public Affairs, Inc. (mcfarlandpr.com).