The last ten years have shown us that challenges can arise at any time, resulting in unanticipated consequences. For businesses, those could be immediate in the aftermath of an emergency or far-reaching through limited supplies, reduced production, or customers who look elsewhere while the company gets back on its feet.
According to the Federal Emergency Management Agency (FEMA), 40 percent of companies do not reopen after a disaster, and another 25 percent fail within one year. That makes it vitally important for businesses to prepare for the unexpected and setting up processes to manage the risks they could face.
Forewarned is forearmed
At the very least, a risk assessment process enables your business to identify where it may be vulnerable, and what can be done about it. Setting up a risk assessment means identifying the natural, man-made, and technological setbacks that could be reasonably expected to impact the business.
Next, the business needs to identify the assets that would likely be impacted, and the severity of the loss should the worst-case scenario eventuate. Management should run through the process at least annually, using the collected information from across the business to calculate the level of risk, with all mitigating activities and steps factored in.
Taking those risks and controls and building them into the risk register in Nintex Process Manager ensures that not only are they recorded, but they become visible. Wherever a business process or procedure touches on one of the risk factors, users will be able to see how the process contributes to managing that risk.
When those processes are changed, the risk owner is notified so they can verify that the controls are still relevant and effective. If it’s deemed necessary, those risk managers can also be added as approvers for process changes, adding another layer of protection for potentially vulnerable activities.
The risk register also tracks reviews and signoffs, ensuring that the controls in place are regularly assessed and acknowledged by the relevant parties. Where controls aren’t reviewed within the agreed timeframes, escalations highlight the issue for risk managers to make sure there are no surprises should a disaster occur.
Know your contingency steps
Risk assessments are an excellent foundation for identifying vulnerabilities within the business, but in a worst-case-scenario, companies need emergency protocols in place to ensure continuity of service for their customers.
There are numerous processes to consider. A crisis communication plan identifies who is responsible for maintaining communications with customers, suppliers, government agencies, and staff, and outlines what messages should be prioritized and contains the key contact details and credentials for essential channels. An IT recovery plan records the steps to mitigate a software or hardware breakdown, including recovering data, securing systems, and contacting affected customers.
One of the key sets of processes every business should establish is emergency response procedures. These could include evacuations in the event of a fire or natural disaster, shelter-in-place protocols for biological or chemical hazards in the environment, or lockdown procedures to deal with terrorism or active-shooter scenarios.
The practice of capturing these processes helps a business work through their preparedness, identifying shelter rooms, ensuring adequate supplies are on hand and recognizing what resources are required to preserve life in the event of an emergency. Automating these processes can ensure that when these unexpected events occur, process execution happens as quickly as possible with minimized chance of human error.
By working through the scenarios and building and automating robust processes that recognize local regulations, codes, and requirements, a company can ensure they meet all the necessary expectations for signage, safety equipment, and practices.
Once those have all been established, the process provides a clear set of guidelines – including regular drills – that inform staff and ensure everyone is adequately trained to respond if the need arises.
Plan for tomorrow, today
The best approach to disasters and emergencies is to recognize the possibilities, measure the risks, establish clear processes that manage them, and automate those processes where possible. In this way, businesses can prepare for the unexpected and ensure they have a well-constructed plan to follow.
We have a selection of emergency response templates to help you get started here at our Nintex Solution Accelerator Gallery.
Establish total visibility, gain control, drive operational efficiencies, and manage risk with process management and automation.
Find out how you can use processes to prepare for the unexpected by downloading the eBook, Business risk is a process problem.