Risk & Business Continuity: CEO Perspective
In normal circumstances, business continuity is top of mind for many business owners, but with the volatility of the current environment, it has become a visceral worry. As a business leader, I see a few key actions a business and its stakeholders can take to help safeguard the viability of the business and to ease anxiety the business owner and the employees may feel. Kosh Solutions is a managed IT services provider that helps companies offset some risks and work towards better continuity in the face of threats and disasters. See the services we provide here.
1. Outsource Risk to Experts
There are many aspects of a business that should be outsourced to vendor partners to mitigate risk. The expertise that a good vendor partner can give is invaluable during uncertain times.
An example that is close to our business is data protection. There is a science and discipline of process that goes into the protection of a company's data asset. Having assessed and created disaster recovery plan is a great way to gain peace of mind. We have an article covering when a company needs disaster recovery.
Another example is the risk of not being able to physically go to the office and needing the business to continue its operations. There are many considerations around security, equipment, data access, and communication tools when it comes to working remotely. Having partners that can be called on to put plans into action and make you aware of the potential pitfalls is vital to keeping the business going during particularly disruptive events.
2. Displace Risk to Institutions
There are some risks so great and costly that you will need to pay to displace them onto another institution. The most prevalent example of this is insurance. A business owner must understand their insurance and what risks they are mitigating for their premium. There are newer insurances that center around technology and data that must be understood by business owners as digital assets become more valuable and more targeted by criminals. We recommend doing an insurance and risk review at least on an annual basis to ensure you are up to speed with amounts and types of risks that are being considered.
We have an entire series of articles discussing cyber insurance.
3. Build a War Chest
It's vital that a company pay attention to its financials and that it keeps a healthy cushion to weather the bumps that occur in a business cycle. A couple of metrics to keep an eye on are the current ratio and EBITDA. The current ratio (current ratio = current assets/current liabilities) gives you an idea of how well you can pay off your short-term debts and a general sense of how much cash you have available to keep your business afloat during hard times. EBITDA (Earnings Before Interest, Taxes, Depreciation, and Amortization) is a method of assessing the health of a business's profit. If these two metrics are managed to the appropriate levels this will allow the business to take a downturn, cut costs or weather the storm until profits return.
4. Disaster Event Exercises
Your business should have a list of disaster scenarios that you and your team can practice dealing with. Drills and tabletop exercises are ways to prepare staff to execute a disaster plan. A written-out plan ensures the steps were carefully considered when calm and clear heads prevailed and not in the middle of a crisis. Some common continuity planning scenarios are:
What if all your data is encrypted and your backups have failed?
What if a partner or key employee gets seriously injured or dies?
What if your company takes a 25% revenue hit?
Of course, you do not want to go crazy and invent a hundred irrelevant scenarios, but there are major ones that would be company killers and should be planned for with your team. We offer a free IT Roadmap to help local business assess their technology environment.
Having the key stakeholders aware and in line with how you and your business are addressing risk is essential to the success of all the previous points. Each member of your team must know their part and what it is they need to do.
Nothing is 100%, and you can never get rid of all risk, however, by putting some preventative thought and following a framework, you can increase your chance of success and keep your business around and viable for a long time.
The information contained in this communication is intended for limited use for informational purposes only. It is not considered professional advice, and instead, is general information that may or may not apply to specific situations. Each case is unique and should be evaluated on its own by a professional qualified to provide advice specifically intended to protect your individual situation. Kosh is not liable for improper use of this information.