Crisis Planning and Risk Management are two very important topics in an uncertain world. Too many businesses simply look at these whilst considering budgeting and business planning, only to then leave it to one side once that is done, never to look at it again!
If you don’t regularly review (or actually use) these plans, then they become little more than an interesting academic paper. If you think about the way we all manage and understand personal risk, it involves constantly updating our understanding and putting measures in place to prevent it causing us harm.
That applies as much to crossing the road (and looking both ways) as it does to where we purchase goods and services online. This logic, awareness and vigilance equally need to translate through to business risk management.
Protecting your security
In many ways protecting your physical security is straightforward, as long as you get expert assistance on the planning and implementation of it. Protecting the perimeter of your facilities, monitoring CCTV, intruder/fire alarms and administering access control can all be controlled from a central point using a system such as TDSi’s EXgarde software.
The other side of this is having the right plans in place to deal with intruders or breaches of your security. If your security team doesn’t know how to react, there is little point having the best detection systems in place! Equally, your general employees need to know what happens in the event of an incident – especially if this requires evacuation or even a lockdown (if an armed intruder has gained access for example). Planning is critical in dealing with these risks and minimising the dangers from them.
It is also worth remembering that there are other sorts of risk to a business beyond the obvious physical and logical security threats. At TDSi, for instance, we keep a ‘Risk Register’, something that is reviewed every two months at our Board Meetings.
This addresses many different potential risks to the business. For example, what would happen if a key employee was involved in an accident? What would happen if core IT systems were to fail? What would happen if one of our sub-contract manufacturers wasn’t able to deliver a product for us?
By understanding these potential dangers, we have plans and mitigation measures in place, so if something does happen, we know just what it is that we have to do to overcome any hurdles from a specific risk.
Naturally, there is no way you could have plans in place to automatically mitigate every potential problem, but you need to have a mind-set and problem-solving process in place that is open and receptive to any eventuality and will be able to find the best possible solution. This also means being aware of what is going on directly around you, as well as in the wider world, along with the structure to respond to it.
This level of planning isn’t just vital for your business, it protects your partners too. Other organisations that work or trade with your business need to know what you would do in the event of a disaster or unexpected crisis. It is very important that you can show that there are measures in place to deal with these eventualities and fully support your commitments to other organisations.
This is exactly why you need to regularly review and update your crisis plan to ensure it covers all the potential risks. The trouble with many threats is that you don’t know they are out there until they strike your organisation! It is therefore crucial that everyone knows exactly what they should be doing if this happens.