The current era of load shedding is proving to be detrimental to South African businesses. The International Monetary Fund has warned that prolonged periods of blackouts could result in the economy only growing by 2.1% in 2015.
What is even more worrying is that stage three load shedding is estimated to cost South Africa R80 million per month, according to energy expert Chris Yelland. Naturally, organisations are now focusing their attention on a business continuity plan (BCP) that ensures it is business as usual – even if the lights (or more importantly, the IT) are off. So, how can an organisation put a successful BCP in place?
Get buy-in from key decision-makers
This might seem like the most obvious step, but it is often the most overlooked. The key members at the top of an organisation need to be involved in formulating, reviewing and deciding on the BCP. Everyone needs to be on-board from the get-go to avoid any future confusion.
Identify the risks
A business needs to conduct an audit and determine which systems are a priority and cannot afford to be down. Email is a good example of a communication system that is crucial; therefore, it needs to be always available and online, regardless of circumstances.
Manage the risks
The wait-and-see game will almost inevitably lead to catastrophe. Risks need to be mitigated before disaster strikes. A business could use a cloud-based email platform to give vital back-up to the main email system like Microsoft Exchange and alleviate the risk when this email server is unavailable.
Choose a solution that’s able to uphold security standards
Organisations can be vulnerable to IT security breaches in periods of disaster recovery if their IT security infrastructure is connected to a failed server. Deploying a cloud security solution can provide cover should an organisation’s server fail due to a power outage, and ensure that the business continues to operate securely.
Restore back to normal as quickly as possible
Once load shedding ends and the power is back on, a business needs to return to normal as quickly as possible. If it takes days to restore IT systems to regular day-to-day operations, the BCP needs to be revised to avoid downtime.
Measure the plan
The what, when and how of a BCP needs to be measurable. The statistics from these measurements can then be used to make informed decisions whether the plan is successful or not.
Not only does a business require formal documentation for POPI and ISO compliance, but it also needs the plan to be accessible to its employees. The access to information will better prepare them to understand what they can expect in an outage or disaster scenario and what is required of them.
Revise the plan
It’s important to constantly review and assess the BCP, since there are always new threats and disasters on the horizon. BCP revision should be an ongoing process whereby executives review and agree on the way forward.
The more prepared a business is, the better equipped it will be to manage an emergency situation. Testing a business continuity plan on a regular basis is crucial, so that should the lights go out, it’s still business as usual.