SPRING MAY HAVE finally sprung but it was just weeks ago that snow and ice brought much of the UK to a standstill. The worst of the weather may be behind us, but that makes it an ideal time for practices to assess how they handled the icy conditions and how they can plan ahead for the next cold snap and other potential crises.
Bad weather, pandemics, power failures and volcanic ash clouds may sound like the stuff of sci-fi movies but all of these threats have happened in the UK in the last three years alone. Just this year we saw temperatures in the UK plummet to minus 18C with the cold affecting organisations up and down the country.
There are several ways in which ‘business as usual’ can be taken out of your business’s hands – the key is to plan ahead and be prepared for all eventualities starting with identifying potential threats.
Some threats, such as a flood, may physically destroy your IT infrastructure. Others, such as pandemics, bad weather or industrial action, affect your people but shouldn’t affect your buildings or equipment. A power outage could render your equipment unusable, but your data and people should remain safe. These are all worst-case scenarios but your plan should cover contingencies for as many threat types as possible.
Areas of responsibility: Identify a key ‘emergency’ team and assign areas of responsibility such as contacting insurers, energy suppliers and so on to ensure the company has a back-up team in case people are out, on leave or already affected by the crisis. Contact customers and other stakeholders as soon as possible to let them know what your situation is and what steps you are taking to keep your business moving.
Escape to the cloud: Cloud-based technology allows applications and data to be kept and hosted offsite in a secure data-centre, which can be accessed through an internet connection. As long as your staff have access to the internet, they will be able to log-in and access email and other business-critical documents and applications as if they were in the oice, keeping disruption to a minimum for your business and your clients.
Back-up important data off-site: Consider having an off-site back-up source for all critical data that is backed up automatically and confidentially to protect against in-house data loss. Too many companies meticulously make back-ups of everything and then store them in the server room. If strong winds or flooding destroys the building, that data is gone too.
Back-up power: Storms, hurricanes, floods, fires and heavy snowfall can cause long term power outages; consider how long your business could survive without power. This will help you determine whether you need a back-up generator or the means to enable staff to work remotely.
Alternative communications strategy: Make sure your plan includes your teams’ home and mobile telephone numbers. If you run your own email servers, do key employees have alternative email addresses they regularly check? Explore every avenue of communication available to keep everyone in the loop.
Essential equipment/services back up: Set out what needs to happen if equipment needs to be repaired or replaced and the potential timescales and costs for this.
Finally, bear in mind that a business continuity plan is not just a piece of paper or a tick in a box. It should be workable and regularly tested to accommodate any changes to your business, technology and personnel. If thoroughly thought out, this kind of planning can ensure that business remains ‘business as usual’ rather than ‘business at risk’.
Phill Robinson is chief executive of Iris Accountancy Solutions
Driving opportunity for all and empowering businesses for success are the key themes for the Sage Summit UK this year, which takes place on 5-6 April
The partnership will see PwC have 'physical presence' at CodeBase in Edinburgh
Unincorporated businesses under the VAT threshold given an extra year to prepare before MTD becomes mandatory
Simon Wright of CareersinAudit.com discusses how an effective cyber defence force is critical to businesses worldwide and how internal auditors can make the transition to a new career in cyber security