COVID-19: Managing Risks and Ensuring Business Continuity

To ensure business continuity, having an emergency scenario is essential. In the current situation, it is vital to react as fast as possible in order to mitigate impacts and other risks and to prepare the organisation for the further development of the COVID-19 pandemic and its possible scenarios. Business continuity management covers infrastructure, cyber, employee, business, operational and communication risks, with the aim of managing an organisation that has to face new challenges and risks and wants to ensure continuity of operations and production.

In normal operation activities and in reaction to common events (e.g. breakdowns), business continuity management sets a strategic and operational framework to actively increase corporate resilience. The objective is clear: to prevent suspension of operations or services. How can your organisation ensure continuity of business?

Business Continuity Management

COVID – Initial Measures

·       Implement fundamental emergency measures for the current situation

·      Implement all the recommendations of the local authorities and World Health Organization

·       Benchmark of introduced measures within your industry

·       Employee travel restrictions or travel ban

COVID – infrastructure risks

·       Check the readiness of infrastructure and other services (SaaS
etc.) for the higher load of employees working remotely

·     Check if the corporate systems can be managed remotely without the
physical presence of IT employees (Operations, Support etc.)

·      Map single points of failure in the infrastructure in case of
remote operations, design countermeasures

·       Define the responsibilities of suppliers according to SLAs in case
of emergency situations, draft any required amendments

·       Set up sufficient IT support for remotely working employees

Prioritise access to corporate systems (Management, Top Management priority

·       Review the number of application licences that ensure remote

COVID – cyber risks

Check security and monitoring of applications for remote access

·       Test applications for remote access (VPN etc.) + patches,

·       Perform Awareness campaign for specific cases of social
engineering attacks in communication related to crisis

COVID – employee risks

Analyse key roles that require on-site access, plan a backup plan
in case of their absence (e.g. substitutability)

·       Design measures to help employees’ with management of stress and
stressful situations

Arrange a method of assigning and distributing employees at
various levels of operational reduction

·       Set up access for employee mobility (division of shifts,
transport, etc.)

COVID – business and operational risks

·       Map single points of failure within the organisation (processes,
employees, technologies) and draft countermeasures

·       Establish emergency measures and organisational instructions in
order to ensure continuity of operations according to the level of risk

·       Set up reaction plans (procedures, allocation of employees, tools
and other resources)

·       Prepare for issues in the supply chain

·       Make arrangements for work that cannot be done remotely

·      Prepare for the need to close down office or business premises

·       Stabilise the organisation for the event of a significant impact
on its economy (Plan for optimization ofcosts, processes and portfolios)

·      Prepare scenarios, plans and measures to restore business
operations (disaster recovery plans)

COVID – communication risks

·       Set up a mechanism of communication with employees (positive),
partners, suppliers, authorities, and the public


Did you find this useful?