COVID-19: How to ensure Business Continuity and Manage Risks?
In this situation, it is crucial for the business to react as quickly as possible in order to minimize impacts and other associated risks, and at the same time, prepare the organization for the further development of COVID-19 pandemic and its possible scenarios
Due to COVID-19 pandemic, business continuity is the topmost discussed agenda of all organizations regardless of the size and nature of businesses. Business continuity management is the process of developing systems of prevention and recovery in response to potential threats a company could face. These threats include natural disasters, issues related to IT, an interruption to a service or a supply chain disruption.
As we all are aware, COVID-19 has brought business to completely halt their physical activities to prevent the spread of coronavirus. In this situation, it is crucial for the business to react as quickly as possible in order to minimize impacts and other associated risks, and at the same time, prepare the organization for the further development of COVID-19 pandemic and its possible scenarios. In this article, we will discuss what kind of risks should be taken into consideration and how to manage them in order to prevent the suspension of operations or services.
The prime responsibility of corporate is to ensure the implementation of basic emergency measures as described or recommended by the World Health Organization (WHO) or their country's health authority, which might include sterilization of the offices, instruct employees to maintain social distancing or it could be travel restrictions etc. Including the above mentioned initial fundamental measures, the following risks are vital to be assessed.
1. Infrastructure Risks - Firstly, the readiness of all components of infrastructure in order to support the higher load of remote working employees.
- Bandwidth availability to connect to Head office resources.
- VPN or remote connectivity hardware capacity.
- Hardware or Software licenses to support remote access.
- Availability of laptops/systems for remote employees.
- Attendance management hardware or software availability.
- Mode of communication and availability to remote workers.
- Employee's performance tools to streamline productivity.
2. Data Risks – Data security is always critical whether users are residing in the office space or remotely.
- Ensure the documentation of strict data protection policies.
- Can the sharing of data be restricted at a user or group level?
- Can users control the level of access and rights to Data?
- Integration of Data loss prevention capabilities.
- Provision of auto data sync capabilities to ensure the data loss in case of hardware failure.
3. Cyber Risks – With the growth of pandemic, threats are also on the rise and organizations are being targeted. Therefore, protection of IT assets is necessary.
- Monitoring of all events and ensure security patches are timely applied.
- Monitor all publicly published applications and ensure the security controls.
- Ensure the physical security of all critical locations.
- Check if remote surveillance can be enabled for monitoring.
- Prepare and perform security awareness sessions related to crisis.
- Antivirus signature updates are regularly checked or not? What steps to be taken if updates are stopped?
- Profiling of all operating systems before connecting to corporate networks.
4. Employee Risks – Employees are the key stake holders. They can't be left on their own discretion.
- Take supportive measure to motivate and guide them how to deal with this kind of situation.
- Keep employees well informed with all the necessary information about the country laws related to COVID-19.
- Make sure only legitimate information is shared and notified, if miss-guided information is being circulated.
- Mapping of key roles and availability of their backup in case of absence.
- Asses the possibility if employees can work in shifts with reduces hours, so that, Social distancing can be maintained.
- Hierarchical roles are clearly defined to streamline the workflow.
- To motivate remote employees, develop communication medium to collaborate and organize motivational sessions.
5. Business and Operational Risks
- Make an arrangement of work permits and other access related permits for employees, who require physical access.
- Drafts all potential issues and countermeasures related to supply chain.
- Make strategic plans to close office premises or set up a new office to maintain social distancing.
- Closely evaluate all those options from where cost can be optimized.
- Re-evaluate Business processes and portfolios to stabilize the organization to counter the impact on its economy.
- Establish plans to ensure the business operations and list down all scenarios and their countermeasures which can affect Business operations.
- If required, re-define Service level agreements (SLA) and Operational level agreements (OLA).
To conclude, Although COVID-19 has had a great impact on business continuity, Business can reduce the impact if timely and accurate measures are taken. Due to the rise of coronavirus, there are chances that some businesses may think of exploring more solutions to reduce the potential impact of COVID-19 or other similar pandemics in future.