PA Consulting’s business resilience expert, Adam Stringer, discusses the key disaster recovery considerations for SMEs.
The article is about how disaster recovery plans have long been common for enterprises and large public sector bodies, but they are equally vital to smaller organisations. If a small or medium-sized enterprise (SME) supplies enterprises or government, a disaster recovery plan is often mandated.
But many of the principles behind disaster recovery planning apply regardless of the business’s size. And technology, especially cloud-based services, is making disaster recovery more accessible to SMEs.
It goes on to say that organisations also need to look at their supply chains, and how they depend on others for the supply of goods, services, and even data.
Adam says: “Firms often fail to consider third-party dependencies, and rarely examine inter-company arrangements, but in a disaster, their priorities aren’t necessarily going to be aligned with yours.” A clear plan will help to identify these dependencies, and how an organisation would function if a key supplier fails, he adds.
Disaster recovery planning is not finished once the plan is in place, however. Organisations need to communicate the plan – and test it
Adam says: “Firms may have written plans and procedures, but they may not be practical or widely known and aren’t actually then applied in a crisis.”
“They need a clear decision-making structure and playbooks that have been agreed and refined through practice and testing, plus easy-to-understand approaches like a gold, silver and bronze command structure. These are more practical use to firms during a disaster than a detailed 100-page manual.”