Proactive Service: Business Continuity and Disaster Recovery Planning
Why do I need a business continuity plan? In today’s world, a disruption in business operations could occur at any time. More importantly, it can occur to any business unit and function, whether it be a loss of a physical location from a flood or tornado to a man-made event such as a cyber-attack. Proactively planning for a suspension of operations now can save an organization time, money, and perhaps business sustainability.
There are several steps involved with conducting a business continuity plan. The most important being a commitment from management to develop and structure the plan itself. While there are many templates available, some of the best resources in structuring the plan can be provided by your insurance carrier which can be spearheaded by your agent.
After the plan is formalized, careful consideration should be given to ensure that the plan speaks to the rest of your organization’s risk management program as well as other divisions and operating entities within your organization. Your agent should have a hands on role in this process.
For example, after the plan is complete, does the plan help reinforce your limit of business income and extra expense? Has the plan uncovered the need to reflect and analyze this limit in further detail?
Just as important, are other vital aspects of your company involved within the plan? Organizing a set of policies and procedures to assist in the continuation of critical IT functions is loosely known as Disaster Recovery. Similar to the broad planning associated with business continuity, planning for disaster recovery is highly influenced by the industry in question. Does your business continuity plan speak to the IT functions of the Company? Different industries and organizations all have unique needs and legislation that will affect them.
Ask yourself these questions:
- Does your business continuity plan involve IT or other technology system functions?
- Does your organization’s needs involve compliance and protection of information that falls under HIPAA and more recently the HITECH Act?
- If a disruption of business operations occurred, would your organization’s solution continue to protect that information?
- Would any solution help mitigate the potential legal liability for non-compliance under such law?
- What about other industries or technology exposures, such as credit card processing and PCI Data Security Standards?
The process of planning and testing a business continuity plan that speaks to all levels of an organization can take as long as 12 to 18 months. Your agent should be a key constituent in the process.
At Arthur Hall Insurance, our unique risk management process lets us identify critical exposures, address those exposures through a consultative analysis, recommend solutions, and provide ongoing monitoring to help you safeguard your organization in the ever-changing world in which we live.
You can find out more about by calling either our Pennsylvania office at 610-696-2394 or our Delaware office at 302-658-0100.