Essential Steps to Build Your Business Continuity Plan for Weather-Related Hazards

Building a continuity plan for your business related to a weather-related disaster can be daunting. When considering the consequences of potential impacts on your business following a weather-related incident, there are some relatively easy steps you can take to get your plan off the ground.

“Siloed approaches to business continuity planning are never recommended because of potential blind spots,” said Jared Smith, Risk Control Manager at Safety National. “For example, an IT department leader may prioritize service restoration and not consider the processes involved for on-site physical injuries. Involving multiple stakeholders across your organization will help identify all variables and the preparation required to mitigate a disaster’s effects.”

These five steps may help in the initial stages of building your business continuity plan.

1. Identify the potential weather hazards and threats to your organization.

Hurricanes, tornadoes, floods, droughts, lightning, and blizzards can potentially impact a business, employees, operations, and customers based on their areas of operation. Every organization should be familiar with typical weather patterns for their locations and active months within a calendar year (e.g., tornados in late spring and early summer). It is also important to have an emergency broadcast system in place to alert employees when bad weather strikes.

2. Understand the impact on your business.

A natural disaster has the potential to halt business operations, at the very least temporarily, and for mission-critical organizations like healthcare, time is of the essence. Questions to consider in your initial risk assessment include:

• What if infrastructure is threatened? Would vital employees be able to make it to work after a disaster?
• What if members of your workforce have been injured on-site and need emergency assistance?
• How would the disaster impact customer traffic or your ability to service customers and clients?
• Who would assist in getting your operations back up and running? Do you have a third party assigned to service restoration?

3. Identify the severity of the consequences of service interruption.

Results will vary greatly for service interruptions lasting between one hour, one day, one week, and one month. However, if losing power for one hour will severely disrupt your operations, it may be wise to consider emergency power generation for your business. Costs for each interval can be identified so that a cost-benefit analysis can be completed for each hazard and each operational loss. Your analysis should include key personnel that would need to respond to sustain the business. Additionally, you will need to plan for scenarios that may prevent them from responding after a disaster.

4. Adopt feasible and practical solutions to mitigate the severity of the disaster.

Not all solutions will be practical, but including key stakeholders in the planning and mitigation process may help right the ship. An enterprise-wide analysis provides a broader scope, including risks to people, processes, and technology. These stakeholders can help provide answers to the following:

• When potentially disastrous weather conditions are expected, how will employees be notified? Will you reduce on-site staff to only essential employees or allow your workforce to work from home when able?
• What is included in the IT disaster recovery plan? How will it minimize downtime and secure workstations to continue operations?
• Have employees been trained with regular emergency drills? Are there safety leaders who can respond in the event of an injury?

5. Create a written, working, usable plan that is consistently practiced and updated.

A business continuity plan that sits on a shelf or is too tedious to comprehend serves no one in the organization. Appropriate planning should be emphasized by recognizing the significant threats and how best to protect your business in light of those threats. Once the plan has been initiated, action should be taken to exercise it, which will help further identify gaps in the plan. This plan should be consistently audited to reevaluate the people, processes, and technology involved. In the event of an actual emergency, these reassessments will be critical to your overall disaster response and recovery.