Risk management and preparation comes in many forms, digital, physical, operational, emotional… here’s how you can help your business continue to operate effectively, during the COVID-19 pandemic and beyond.
Only 12% of organizations are highly prepared for the impact of Coronavirus, according to Gartner’s recent Business Continuity Survey.This demonstrates that there’s a need for businesses to put new risk management strategies in place.
“This lack of confidence shows that many organizations approach risk management in an outdated and ineffective manner,” said Matt Shinkman, vice president in the Gartner Risk and Audit practice. “The best-prepared organizations will manage the disruption caused by Coronavirus far better than their less-prepared peers.”
Responding to increased IT and cyber risks
Working from home has become the new normal for many employees, which is helping many organizations to continue operations. However, remote working has led to changes in app-access rights, and using personal devices has left organizations’ infrastructure vulnerable to cyber-attacks, reports McKinsey. In fact, the number of attacks against organizations grew exponentially to reach a four-month high at the end of April 2020, as Coronavirus spread, reports Computer Weekly
According to the World Economic Forum (WEF), hacking and phishing attacks are likely to become commonplace for many companies, even as the virus infection rate begins to recede. “It is simply to do with the fact that organizations are more vulnerable, both in terms of their new modes of operation and the level of distraction of their personnel,” said Richard Smith-Bingham, in the WEF report.
Implementing VPNs at scale and secure access via multi-factor authentications can help to keep your digital assets secure. McKinsey advises that your test your technology-risk plans, such as incident response, business continuity, and disaster recovery. “If your organization doesn’t have adequate plans in place, create them, and then test them. You must determine whether your organization’s risk-response approach is effective and efficient. Eliminating risk events is impossible, but you can reduce the exacerbated risk associated with a poor response.”
It’s also important to educate employees on cyber risks. They should be vigilant when accessing the network and recognize phishing emails that, for example, ask for other employees’ direct phone numbers or access to certain files or sites.
Planning for employee productivity challenges
You’ve provided the necessary tools to enable your employees to work remotely: that’s a great start. But supporting employees is about more than just providing a laptop and setting up a secure remote network. You need to put procedures in place to prepare for a reduced workforce.
Yes, most organizations have facilitated remote working where possible, but what if your employees are unable to work for a period of time? “Some 40% of staff during this period may be unable to work due to sickness, either directly or indirectly,” states Wharton University. The report highlights that even if the individual is not ill, they may need to take care of other family members who are sick with COVID-19, or carrying out family duties such as childcare and home-schooling.
Risk management is about more than safety procedures, you need to consider the emotional impact that a pandemic can have on your staff. “It is in a crisis that those at the helm need to show their mettle. In everything they do during a crisis, business leaders need to express empathy and compassion for the human side of the upheaval,” James Green, Director Risk Advisory Services told Financier Worldwide.
Preparing for possible supply chain disruption
While some services have ground to a halt, the global economy still relies on vendors and manufacturers to supply goods and products. Supply chains need to continue, but some are grinding to a halt.
“COVID-19 illustrates that many companies are not fully aware of the vulnerability of their supply chain relationships to global shocks,” reports Deloitte. “Fortunately, new supply chain technologies are emerging that dramatically improve visibility across the end-to-end supply chain, and support companies’ ability to resist such shocks.”
Taking an agile approach to your supply chain operations can help you face current challenges and also prepare for any future issues. Using a single digital platform helps to eliminate silos and enable end-to-end visibility and collaboration across the supply chain. Intelligent technologies can then be integrated with the platform to future-proof operations. For example, using Artificial Intelligence (AI) capabilities helps organizations gain insight into their data and predict disruptions and vulnerabilities in the supply chain.
Your operational risk management checklist
There are many aspects of risk management to consider as part of your business continuity plans. Deloitte breaks these down into several key sections. There are initial measures, such as implementing recommendations from the World Health Organization and your local government. Then there are infrastructure risks, such as checking that corporate systems can be managed remotely without the physical presence of IT employees. There are also cyber risks that include checking security and monitoring applications for remote access. An overview of these points can be seen in the diagram below:
Perhaps most importantly, the fifth points are the business and operational risks to consider.
Deloitte recommends you:
- Map single points of failure within the organization (processes, employees, technologies) and draft countermeasures
- Establish emergency measures and organizational instructions in order to ensure continuity of operations according to the level of risk
- Prepare for issues in the supply chain
- Make arrangements for work that cannot be done remotely
- Stabilize the organization for the event of a significant impact on its economy
- Prepare scenarios, plans, and measures to restore business operations
If you’d like more advice on how to maintain business continuity, download our 3-Step Guide to Business Continuity. You’ll find out how to design new processes for collaboration, reassess your risk management, and automate processes for greater efficiency.