Monday, 20 July 2020

What does “back to work” mean for your business continuity planning?

Organisations must revisit their operational strategies and business continuity planning in the wake of the COVID-19 pandemic.

face masks in office

Organisations must revisit their operational strategies and business continuity planning in the wake of the COVID-19 pandemic. Here, the Grant McGregor team considers what this might mean for your business continuity planning and, especially, IT.


In a recent blog, we looked at how the current coronavirus pandemic has put existing business continuity and disaster recovery to a uniquely difficult test. There can be few organisations who aren’t revisiting their plans in the wake of the crisis.

But how should organisations respond to the “new normal”? And how should this be incorporated into your updated business continuity plans?

In our previous blog, we highlighted how the World Economic Forum had identified four key pillars of risk: economic, cybersecurity, environmental and social.

Grappling with all this change and reflecting it within your updated business continuity plans will require thoughtful assessment and careful planning.

Short-term response planning

In the short term, we have the immediate operational requirements of adapting to the new, post-COVID world. This will be predicated on a number of approaches:

• Implementing infection control measures, such as social distancing, masks and hand-sanitising stations

• Establishing employee wellbeing programmes that create a safe working environment for those that need to return to onsite operations

• Flexible work arrangements to facilitate social distancing

The continuing enablement of remote working to further aid social distancing and to support those staff who can’t return to onsite working

• Regular communications about current advice and regulations so staff, customers and other stakeholders understand the rules and their own responsibilities

Communications will play a key role as well: addressing staff concerns in an open and transparent manner will be important reassurance and help with business continuity.

Immediate technology challenges

As we noted in our previous blog, the hasty adoption of digital solutions by so many companies in their response to the pandemic has opened the doors to a huge potential cybersecurity challenge.

While technology has played a vital role in supporting remote working and continued communications and collaboration, the risks of cybercrime and privacy violations have been greatly exacerbated.

There are several immediate changes organisations can make to address these concerns:

• Companies need to ensure they are using secure tools from trusted providers – switching from Zoom to Microsoft Teams, for example.

• Don’t risk employees working from home on unsecure devices: make sure workers are using company-issued hardware that complies with your security approaches.

• Operating systems and security tools must be up to date, patched and monitored.

• If you haven’t got established bring your own devices (BYOD) policies, now is the time to get them formalised, communicated and enforced.

• Implement two factor authentication (2FA) if you haven’t already.

• Implement a solution for mobile device management (MDM).

These are simple solutions and now is a great time to invest. Remote working is high up on the boards attention and likely to get investment. Close the loopholes now so you can be confident that your operations are secure.

Other longer-term challenges

Most organisations are likely to face significant continued operations throughout this period. With the UK Government predicted a second wave of infection early in 2021, operational disruption is likely to continue for the foreseeable future.

Throughout this period, businesses will be challenged by likely under-performance, economic constraints and supply chain challenges. IT can offer some solutions to these challenges, helping to streamline operations and reduce operational costs while also supporting flexibility and agility.

Companies will need to take a proactive approach to identify, assess and respond to risks, including:

• Review lessons learned and develop new internal guidelines in response

• Continue to monitor in-house vulnerabilities

• Stress testing of tier one and tier two suppliers

• Consider alternative supply chain options to build resilience

• Understand the pressures that will impact customers and market demand

• Assess the possibility of demand spikes and how the business will be able to respond

• Review options for diversification to create more sustainable demand

• Adapt marketing approaches to respond to and exploit the new market conditions

• Review short-term capital demands for ongoing business operations (and any necessary near-term capital raising

• Review operating costs and curtail non-essential expenses where possible

• Understand the legal advice for operations and communications

• Build communication plans for staff, customers and key stakeholders

The situation remains very fluid and plans will need to be continually reviewed and revised.

The old adage of business continuity plans being a loving document is truer now than ever.

For businesses that can review and adapt in an open and transparent way, there is potential to create a new way of operating and a new business continuity approach that will result in your organisation being more resilient to any future disruptions.

Business continuity should be part of your overall IT strategy, if you're not sure whether it's part of yours or if you know you don't have an IT strategy plan, it might make sense to get your hands on our free IT Strategy Guide

Alternatively, if you would like help with strategy development and planning for your technology solutions, please get in touch with the Grant McGregor team.