In the previous articles in this series, we discussed risk assessment, the importance of establishing what risks and threats your business faces in order to be able to properly address them and how to minimize casualties and disruption.
Your risk assessment evaluation has given you a ranked list of threats, some of which you may have been able to discount (see previous article). All other remaining risks must either be prevented/avoided or mitigated against.
In this article, we will give consideration the the areas of disaster prevention and disaster avoidance, detailing how you can prevent or avoid risks.
However, you must always bear in mind that even if you can avoid a risk entirely, the initial threat can still arise, everyone on site needs to know (or be informed) of the actions to be taken, and therefore your disaster prevention, disaster avoidance and business recovery measures must still be included in your business continuity plan.
There are a number of ways in which threats can be prevented or avoided, either entirely, or at least managed down to a level where the disruption is acceptable:
Certain risks such as earthquake or flooding could be largely avoided through the construction of earthquake resistant buildings, building bunds or levees around your property, installation of a lightning conductor etc. However, these can be very expensive and only justifiable if the threat (likelihood x consequences) is particularly serious.
Many of the risks associated with IT (computers and communication systems) can be avoided entirely through astute investment. Off-site backup of data and cloud based solutions can (with other measures) ensure that any disruption to on-site servers can be quickly and easily worked around. A mass messaging system that allows communication to be maintained even when phone lines or the internet are unusable can minimise these threats to the point that they can be safely ignored in many instances.
Many threats can be managed down to negligible levels through adequate policies and procedures. For instance, having properly trained deputies able to stand in for indisposed key members of staff, properly trained security staff checking everyone entering your business critical areas or distributing business critical activities around multiple sites.
Communications are crucial in avoiding risks. There is no point having measures in place unless everyone is told when those measures are in effect. In parallel with drafting your emergency plan, you should be giving active consideration to your communications requirements, and in particular, considering whether you need a dedicated emergency messaging system, or whether a more flexible mass messaging system that can be used for day-to-day business activities (keeping in touch with remote working staff, sending promotional or other information to customers etc.) would be more suited to your needs.
To read the first article in this series, go to Emergency Preparedness Planning: Identifying the Key Stages of your Disaster Recovery Plan. To read the 2nd article in this series, go to Emergency Preparedness Planning 2: Risk Assessment. To read the 3rd article in this series, go to Emergency Preparedness Planning 3: Continuity Planning. To read the 5th article, go to Emergency Preparedness Planning 5: Disaster mitigation. To read the 6th, go to Emergency Preparedness Planning 6: incident response. To read the 7th and final article, go to Emergency Preparedness Planning 7: Recovery.
We recommend that you register for a free online demonstration of Regroup’s powerful, secure and easy-to-use mass notification and emergency messaging system or for more information, case studies and white papers about how Regroup helps in meeting your day-to-day and emergency communications needs, talk to a Regroup Communications Consultant today at 775-476-8710.