In May 2015, The NYC CFO Leadership Council presented “Protecting Your Company and Managing Risk: Disaster Recover for CFOs,” where we reviewed:
- How to manage risk in the event of a man-made disaster
- The available options to underwrite risk and the provisions to include in your existing agreements
- How to be confident that your technology services are well prepared to minimize and recover from disaster related disruptions
- How to protect your human and physical assets
Our speakers included:
 |
 |
 |
 |
|
Donna Childs, Founder & CEO, Prisere LLC |
Neil Gariepy, Senior Director of Engineering Operations, NetSuite |
Bob Glasser, East Coast Regional Director, Aon Risk Solutions |
James Knox, Esq. SVP, Financial Services Group, Aon |
We Learned:
The Best DR Plan Constantly Changes
According to our panelists, great planning for disaster recovery does not start and stop in a set amount of time. Rather, a great disaster plan constantly evolves and changes as your company grows. For example:
- Has an employee been injured, and would need additional help exiting the building in case of an emergency?
- Have new employees been briefed on disaster security procedures?
- Has your disaster plan taken into account your cyber footprint?
- Does your insurance policy take into account all facets of your business?
- Do you audit your disaster recovery plan in real-time?
- Do you have an operations team that can execute on your plan? For example, if your entire team is located in California, and a disaster happens there, do you have the resources available to help mitigate disaster?
Our panelists recommended a two-prong approach to thorough disaster recovery planning – involve multiple business unit heads, including your HR, IT, and Operations teams, and audit your plan on a regular basis (at least 3X per year).
When Disaster Strikes: Listen To Your People
If a disaster does strike, our panelists stressed that the most important action for us to take is to listen to our employees. As one panelist stated “A disaster is a violation of our most basic sense of physical safety and security. It takes time for all of us to process our emotions, and we need to be heard.”
Our panelists urged:
- It is your responsibility to listen to the experience of every one of your employees.
- Your people will feel violated. You must listen with compassion and empathy.
- There are certain longer-term emotional consequences that you might not immediately see. Be aware of the warning signs.
Finally, all the steps that you take to secure your facility is going to depend on how well you prepare your team to handle a crisis emotionally. Be willing to reach out and receive help if its necessary.
Security Is an Interplay of Your Technology and Physical Location
Another critical part of your plan is understanding the scope and potential effects of a technology disaster on your business. Questions you should ask yourself include:
- Am I running my business entirely across technology?
- How long can my business live without a particular service (email, VoIP, etc.)?
- Where are my technology vendors’ DR sites? How close are they located to one another? For example, are they located on opposite ends of the country or on opposite sides of the Hudson River?
- Do my technology vendors have DR plans for my data and services? If so, how will my business be impacted in the case that my technology vendor experiences a disaster?
Our panelists urged attendees to work with your technology vendors early and often to not only understand and incorporate their disaster planning into your own, but to also audit on a regular basis to ensure your safeguards are working.
Get To Know Your Insurance Policy Intimately
One of the biggest stumbling blocks companies face in the event of a disaster is the comprehensiveness of their insurance policies. Our panel urged attendees to meet regularly with their insurance team to review, audit and understand their policy and its protection in the face of a disaster. For example:
- In your pre-loss claims management, review your policy regularly, ensure accurate PD and BI values, establish claims reporting and management protocols, identify centralized leadership with local, national and global coordination, and build your team.
- In the event of a disaster, request an on-site visit by your adjuster ASAP, and then assume responsibility of measuring your own claim with your contractors, engineers, etc.
- Review your insurance coverage in detail with your broker and a forensic accountant, and work with your management team to mitigate BI loss.
Further, do not lose sight of the fact that an insurance claim is both a cooperative and an adversarial process. Take initiative, and remember that your team prepares the claim (not the insurer), and be prepared to support your position.
For resources presented during this program by our sponsor, Aon, please download either of the following:
- Protecting Your Company By Managing a Complex Business Interruption Claim
- Protecting Business Income
For more information on this program or on The NYC CFO Leadership Council, please go here.