COVID-19 has undeniably changed the world. In our efforts to reduce, contain, and eliminate the spread of this infectious disease, governments and organizations all over the globe have quickly adopted strategies and mitigation measures to safeguard business processes and people - with neither of the two being exclusive of the other.
In this session, we aim to help SGSecure Representatives learn how to plan for threats such as terror attacks, and the current pandemic crises in their business continuity and pandemic preparedness plans. The session will also explore insights from the COVID pandemic crisis, and discuss how businesses can be better equipped to plan for business continuity, start building resiliency and return to a new normalcy.
This article aims to provide a summary of the webinar presented on 30th June 2021. The agenda of the webinar is as follows:
Then COVID-19 happened.
Now the Business Continuity Manager may be called to play the role of the Flu Manager, a position that involves keeping up with the various mitigation measures involved in keeping a pandemic at bay. Such measures, in the case of our current COVID crisis, could include setting up temperature checkpoints, managing contact tracing, and managing employees showing symptoms within the organization.
This role continues to evolve as a task force and the latest is to include everybody who is managing health and safety (for managing infection onsite), facility and security for preventive measures such as access control, temperature checking and social distancing; crisis management team to handle events that are external to an organization such as the public and the press.
We all know what Remote Working is; staff being relegated back to their homes in order to continue functioning in the event of an (in COVID's case) global pandemic. We've all experienced it to some degree or another over the past year or so, and we're all familiar with it. From a Business Continuity perspective, however, having your team spread out all over the country (Or perhaps even over the globe) poses its own concerns, and as it becomes more and more likely that remote working will continue in some capacity into the New Normal, we need to consider how this impact Business Continuity for the organization.
That is no longer the case.
While email, telephones, and chat systems undoubtedly serve their purpose, they often lack a human element that is sorely absent for staff during their isolation at home. In order to properly communicate Business Continuity Objectives during a period rife with the pandemic, BCM professionals have been forced to adapt to using teleconferencing software in order to conduct group meetings, check-up and touch base with employees, and communicate.
Risk Analysis is one of the first two steps an organization needs to undertake in order to complete the Business Continuity program. It involves the collection of data from organizational staff regarding threats, their gauged risk level, as well as other dangers faced by the organization.
In light of COVID-19, one must ask the question: Is my infectious disease threat rating properly rated? Are the control measure for infectious disease accurate in light of what we have seen and experienced during the COVID-19 crisis, or are they insufficient, ill-equipped to mitigate, and just not working?
Business Continuity Managers might want to take another look at this threat, as well as other threats that may have overlooked simply because they either 'have not happened yet or are 'unlikely to happen.
Additionally, with remote working in place, a new set of vulnerabilities have presented themselves: cyberthreats. With the team spread far and wide across the country, relatively alone, and using their home wifi, it might be prudent to conduct risk analysis on how this new arrangement affects threats like cybersecurity risks, IT disruptions, and other similar threats.
One of the significant change in our planning for continuity strategies during COVID-19 is the use of the alternate site. The fundamental basis of having an alternative site is for critical business functions to operate immediate post a disaster. However, with the current work from home (WFH) strategies resulting from COVID-19 constraints, it is necessary to re-think the concept of what exactly is "BC strategies." The organisation should start to re-think now as we evolved and slowly exit to the new normal.
You may want to consider that the fundamental existence for business continuity is to continue your critical business function after a disaster. We may evolve back to our pre-pandemic state after a year or two post-COVID-19 and only time will tell.
While often very detailed, many pre-COVID plans, however, are not built solely for Work From Home arrangements. Organization staff resources are often divided between one or more alternates, sites, working from home, as well as customer sites. Within the context of COVID, such an arrangement is unfeasible. Business Continuity plans need to be relooked at, and separate (purely WFH) procedures need to be established, arranged, and tested/exercised among staff.
In light of COVID-19, an infectious Disease Exercise is no longer a suggestion; it is a compulsory facet of every organization's set of annually (at the very least) tested scenarios moving forward. Every organization, their Business Continuity Plan, and their staff needs to be continuously validated and prepared for the possibility of a Pandemic.
Participants of the Infectious Disease Exercises will be taken across a scenario that spans the full length of the DORSCON spectrum, from the relative safety of DORSCON green where the virus exists but is nowhere near local shores, to the worst case that is DORSCON Red, where the infectious disease has taken root, is spreading rapidly, and is killing people on a rapid scale, all so the staff members of the organization know how to react and respond during each phase of a potential pandemic.
Digitalization has proven itself a tremendously useful crutch during the COVID-19 Pandemic, bypassing the limitations of face-to-face customer service enforced by COVID-19 measures, allowing staff access to resources across the web, and ensuring that remote working flows as smoothly as possible.
However, Digitalization also comes its own set of risks: cybercrime, IT disruptions, as well as the very real danger of unscrupulous hackers using the human element against you, targeting your (now remote working) isolated staff to gain access to company information, as well as the general insecurity of the current IT model of remote working.
A stronger, more robust Cybersecurity plan is required to be considered and implemented moving into the New Normal.
When COVID-19 struck us, how many organizations were truly prepared? How many were truly and utterly ready to take on a country-wide pandemic which would displace staff from the workplace? Many organizations acted swiftly, implementing impromptu policies and procedures, but the truth is many of us were caught off guard. Some were completely prepared, while others were only prepared in theory; they had the plans, they had the procedures in place, but staff were not ready to move with it. Thus, the best time to act isn't during the pandemic (or any crisis); it's before it ever happens.
It all starts from the top. If the Crisis Management Team, the senior management of the company, fails to properly execute established procedures, it doesn't matter how well done your Business Continuity or Pandemic Preparedness Plan is. Active involvement, familiarity, and interest in the company's BCM program is part and parcel of its success - especially during something as severe as the COVID-19 pandemic
Communication is king. Communication with your staff, within departments, with your customers, with your senior management, and with suppliers. There is no plan out there that works without tight, close-knitted communication with all its moving parts, and the Business Continuity plan is no exception.
The availability of vaccines being made available is the start of the end of COVID-19. The duration is still fairly long. Meanwhile, the waves and resurgences of infections continue to mount and take their tolls on the most economical.
The key is to ride out this pandemic outbreak but continuing to maintain vigilance and upkeep the BCM professional support to the organization and your host countries.
The content is a summary of the SGSecure@Workplaces webinar "Business Continuity Planning in the New Normal" presented on 30 June 2021 by Dr Goh Moh Heng |
Competency-based Course | Certification Course | |
Back To | ||||
|
Reference GuideGoh, M. H. (2016). A Manager’s Guide to Implement Your Infectious Disease Business Continuity Plan, 2nd Edition. GMH Pte Ltd. |