Risk. You can’t avoid it. Shouldn’t even try.
You can prepare for it, however. Assessing risk should be the first step you take any time you’re planning for business continuity. But many companies either don’t do it thoroughly enough or don’t do it at all.
This is shortsighted. Just because R-I-S-K has four letters doesn’t mean it has to be a four-letter word.
The good news is that with some careful thought—imagining the worst but preparing for the most likely—you’ll get a better handle on risk.
Threats to your business can be classified in three categories: natural threats, human threats and technical threats.
Below are some of the most common in each category (organized alphabetically). To get started on planning for your company, borrow from these lists or use them to spark ideas of your own.
Once you’ve exhausted your ideas and identified as many threats to your business as you can, it’s time to rank them.
Consider scoring each one of the criteria below with a 0, 1, 2 or 3.
Then, add the scores from each of these criteria to give you a total rating for each threat you identified. (Under the system described in this blog post, a minimum score is 0 and a maximum score is 15.) Obviously, the higher the rating, the more you should be thinking about mitigating that risk.
When you’re finished scoring, create a risk matrix and place each identified threat on it. On the vertical axis of your matrix, plot the likelihood of each threat coming to pass—low, medium or high. On the horizontal axis, plot the severity of the consequences to your organization—again, low, medium or high—should a threat come to fruition. When your matrix is done, the upper right section will indicate your areas of biggest concern.
Now that you’ve identified threats and prioritized them, you can move on to the next stage of the business continuity planning process—figuring out what to do about the risks that concern you.
For more on conducting a risk assessment, including visual examples of the prioritization tools mentioned here, download Contingencies: Are you covered?, a free white paper in our Business Continuity from A to Z series.
Interested in finding the best emergency notification system? Download the Automated Notification System RFP Template.