Hey, what’s up, everyone! The world is in a pretty grim situation today. I hope everyone is safe, and indoors. Social distancing is the only way to come out of this pandemic!
In the recent light of events, every single corporation out there has invoked Business Continuity Plan (BCP). It was very surprising to see how unprepared they were when Covid-19 became a pandemic! And the reason? “Pandemic occurs once in 100 years! ” Yes, you read that right folks. Let’s talk about this!
What is a Business Continuity Plan?
A “business continuity plan” (BCP) is a process that outlines the potential impact of disaster situations, creates policies to respond to them and helps businesses to recover quickly so they can function as usual. A BCP is generally created in advance of a disaster and involves the company’s key stakeholders. The main goal of a BCP is to protect personnel and assets, both during and after an emergency.
What is considered as an “emergency situation” to invoke BCP?
An emergency situation is an event where business cannot proceed under normal circumstances. This could be:
- Natural calamities such as floods, earthquakes, tornadoes, etc.
- Threats such as fire, terrorism, cyber-attack, power outage, nuclear attack, etc.
- It could also be a random failure of mission-critical systems, data corruption, misconfiguration, etc.
- Lastly, an epidemic breakout.
What if the epidemic spread across the world, and becomes a pandemic? Nah! That could never happen with our superior technology, and state of the art medical & healthcare systems today.
Why is it important to plan for a pandemic situation?
In one of his TED talks, Bill Gates, the legendary philanthropist, explains how we are not ready for the next outbreak. Folks, this TED Talk was published in March 2015, when Africa was facing the wrath of Ebola Outbreak. If this wasn’t a wake-up call, I’m not sure what is. We had 5 ample years to prepare a contingency plan, and what are we doing now? Hoarding toilet papers, price gauging sanitizers, and shutting down businesses at places where work-from-home isn’t available.
BCP in a corporation doesn’t necessarily mean every employee gets a ‘work-from-home’ option. There are thousands of scenarios where ‘work-from-home’ is just not feasible! Some examples:
- Satellite Communication & Imagery
- Live Production Servers at banks & other financial institutions
- Medical records of patients in a hospital
The one thing that’s common in the above examples is that they deal with critical & confidential information that could be a potential threat, both to the country & the people.
I mean, could you imagine what would happen if all the banks go down during a pandemic? No Banks => No money => No Jobs => No Economy => Chaos => End of the world.
During a natural calamity, let’s say a flood or an earthquake, or even during an epidemic breakout, any BCP mandates to continue the business from alternate locations. These locations are usually spread across the world.
During an act of terrorism, or let’s say the organization is in the middle of a cyber-attack or any random failure of a critical system, any BCP mandates to switch to the backup server/system at a secure location.
Folks, in both cases, there are two groups of people. One group in the middle of the emergency situation, and the other group, far away from the same emergency situation.
This is not the case during a global health crisis such as a pandemic. There are no groups to tackle the situation. There are no alternative locations to continue the business. Let’s not forget, to contain any pandemic, social distancing is key. With social distancing in force, people tend to panic, which in turn leads to chaos. Essentially, if ignorant, a pandemic is like a falling domino, which could have a long-lasting impact, if not handled with care. And this is what makes a pandemic, far more concerning and serious than any other emergency!
If Ebola was not the wake-up call, I am certain, Covid-19 is! Mistakes were made, lessons are being learned. I believe the only way to formulate a BCP for a pandemic is through what I call, a “PPRR” model. It translates to:
- Prevention – If a country has an epidemic break out, let us flag it, and work cohesively to prevent it, under the assumption that it will become a pandemic. There should be a dedicated department within each corporation to look out for potential diseases that can turn into an epidemic/pandemic.
- Preparedness – Every corporation should be prepared for a scenario where an epidemic has spread beyond the borders of the epicenter origin and is well on its way to become a global pandemic. At this point, all possible solutions ( be it work-from-home VPNs, moving critical teams to a safe & secure work location, reducing human footprint via remote access, etc ) should be at a ready-to-be-deployed phase.
- Response – The immediate response is absolutely crucial. This phase could either pivot the situation to a fast recovery phase, or to the worse possible phase. Once the corporations are prepared, all the various solutions should be deployed. This ensures critical time is well utilized and the business runs smoothly. More importantly, the quick, well-prepared response ensures less chaos!
- Recovery – Organisations should plan for a systematic recovery approach, both during the pandemic, and post the pandemic. Of course, there are a lot of factors to be considered, with most of them completely dependent on the severity of the pandemic. All possible recovery options should be executed to ensure the business is running as per expectations!
I believe this approach could be a start. I hope we are better prepared and less ignorant for the next outbreak. ( God Forbid! )
Stay tuned for more updates on this folks! Let me know what you guys think.
Stay safe. Stay indoors. Practice social distancing. We will get through this! Peace!