More serious rehearsals In the past, testing of plans through rehearsals was a weak spot of business continuity planning, Tucker says. Now it's getting more serious attention, with companies testing more frequently and making immediate changes to their plans based on what they learn in the run-throughs.
Better documentation. If policies and procedures for business continuity are well documented and distributed, it can avoid troubles that could arise when the handful of people who know the plan are stuck, for instance, in London for several days. Says Tucker: "Before Sept. 11, people would have laughed you out of the room" if you offered that suggestion, but that was the precise problem for many firms when air travel was grounded for several days.
An emphasis on safety. Employers are realizing that "people do come first," Tucker says. The old assumption was that during an emergency, employees would be safe, that they could leave the office and drive to a pre-arranged recovery site. Now there's a new emphasis in plans on how to keep employees physically safe in the event of a disaster and get them out of harm's way.
The insurance case. Another compelling reason to enhance a corporate business continuity plan is a change by insurers after 9/11. Increasingly, Tucker says, insurers are not offering businesses coverage for terrorist acts, while at the same time they're raising rates significantly. That means companies have to take extra steps to protect themselves if insurance will not compensate and assist them in the event of a major business disruption.
Show me your plan. Many BC plans have an added component: They're requesting information on the BC plans of their major partners and suppliers to see if they're up to their standards. Even if your company does not experience a major disruption, a disruption at a supplier's business could adversely affect your company's ability to continue operations, so it's something worth considering.
David Aponovich is senior editor of CIN.Earthweb.com. His e-mail is firstname.lastname@example.org.