Recovering and rebuilding after a disaster: Part 5 – Making a plan to survive a business disaster

This article is part of a series of seven articles to help businesses recover and rebuild after a disaster. Other documents in this series:

Only about 30 percent of businesses have a disaster recovery plan.

But it’s not because they don’t think it’s important. In most cases it’s because they simply don’t know where to start to prepare.Open for business

One of the most critical reasons for developing a business continuity plan, aside from the obvious reasons to protect people and property, is to ensure your business data is available post-disaster. The last thing you need to deal with immediately following a catastrophic incident is the awareness that your valuable business data is gone forever.

This data might include customer information, email correspondence, financial records, sales and shipping records and insurance information. You could lose contact information for all of your vendors, clients and employees. Production facilities could lose drawings and product specifications as well as quality and product tracking records.

HR information would be at risk, as well as any manuals, books, policies and procedures you have created. The list is endless. Anything you store in hard copy or electronic form can be wiped away in an instant.

And while you think that the risk of your business being affected by a natural disaster is rare, keep in mind many other occurrences can put your company at risk. Losses may occur as a result of human error, computer viruses or server failures. A fire or water and smoke damage can claim irreplaceable records. Employee theft could take valuable intellectual property and confidential records out the door.

Developing a plan can seem overwhelming, but here are some basic questions to help get you started.

  • What types of disaster might we experience?
  • What parts of our business need to be operational first following a shutdown?
  • Do we have a plan for relocation? Where could we go, and for how long?
  • What are our employees’ roles in disaster recovery?
  • How will we communicate with one another if phone and email are not available?
  • What kinds of agreements do we have with our computer and internet providers?
  • Will our current business insurance cover our needs following a disaster, or do we need to update our coverage?
  • How can we finance our recovery expenses? Do we have our financial records backed up off-site so that we can have the information we need to apply for additional financing?
  • What process do we have for backing up current information? Do we need another server off-site? How often should we back up our information?
  • How will we handle telephone calls if our site is disabled?
  • How will we track orders if our system is down?

Obviously there are varying levels of disaster. A server crash, while highly inconvenient and especially damaging if your information is not backed up, is a devastating blow. It’s not quite the same as losing a facility, inventory or worse, people, however. A well-developed disaster plan should have varying response actions for varying levels of events.

The following is a list of critical disaster recovery preparations you can do now without much planning. These will ensure that should the worst happen even tomorrow, you are prepared with a minimal response that will keep your doors open.

  • Make a back-up of all of your files, programs, email messages, websites, databases and contacts immediately.
  • Back up all laptops as well, even those that are with off-site employees.
  • Move all of your back-up data to an off-site location.
  • Make plans now to back up all of your information at the very least weekly. Daily is better.
  • Keep back-up hardware off-site if you can. Even a few desktop and laptop computers that you can get to in an emergency will make business restoration easier.
  • Keep a record of all of your operating systems and applications, including version numbers, license numbers and configuration details, and how to run those programs and applications in an emergency. Make a copy and store it off-site.
  • Ensure that more than one person knows the whereabouts of your back-up data and how to access it.
  • Ask your IT vendors about their response plan in the event of a disaster.
  • Create a disaster manual that provides instructions regarding where you can establish an alternate location and from whom you can get equipment and supplies. Include all of the contact information for employees, suppliers, insurance agents, emergency management personnel, telephone and Internet providers.