It’s a bit of a Waiting for Godot situation. Nothing ever happens here – no earthquakes shake the room, no floods intimidate our very existence, no terrorist attacks keep us locked in our homes, and no tsunami hovers on the horizon, threatening the loss of our most valuable asset: data.

Yet this is a false sense of security. Just watching the news is proof enough that bad things happen in good places and to good people. And anyway, disasters don’t have to score high on the Richter scale.

Anything from a misplaced cup of coffee to a small fire can lead to loss of data and consequently, potential loss of business and reputation. Which means one thing. Like the scout motto wisely advises: be prepared.

Business continuity is how you deal with disruptions. A business continuity plan is based on a set of preparatory tasks and related activities which could effectively prevent your business from falling victim to a threat, and bringing it back on its feet within a reasonably short period of time. A business continuity plan should be regularly reviewed and tested in order to achieve a state of readiness.

“An effective business continuity plan should be designed for corporations to manage incidents, while also preventing any potential ones from occurring,” international business expert Emiel R. Hoffer tells me via a Skype interview.

There are three main elements in business continuity: resilience is the capacity of a business to make a quick comeback following difficulty; recovery would be the action undertaken in order to regain control of functions that for some reason or other have failed; and finally, contingency is a future incident that cannot be predicted with certainty, yet is likely to affect your business.

Threats, incidents or disasters in the context of business continuity are factors which could prevent your company from functioning properly. If we had to use the metaphor of the human body to represent a business, a disaster would be anything that reduces quality of life, such as an illness.

As the saying goes, prevention is always better than cure, and preparing your business against the likelihood of disruptions could save you a lot of money and resources. It could also save your business. Therefore, it is crucial that you have enough foresight to anticipate the disasters that could pose a threat to your business.

Mr Hoffer continues to explain that there is no one definition of disaster. In the context of business continuity, different disasters could happen in specific countries and in differently sized corporations. Thus, we must understand that the size and the location of the company could determine the strategy adopted for your business continuity plan.

The most common threat to global businesses tends to be extreme and often unpredictable weather. For instance companies in Australia would need to bear in mind the likelihood of a fire outbreak in their area when designing their business continuity plan. Places across the Atlantic are known to be highly susceptible to hurricanes, such as the devastating effects of Hurricane Sandy in 2012, which blew across 24 states, flooding streets, tunnels and subway lines and causing blackouts across major cities including New York and Florida.

Another potential threat could be due to a major staff shortage or disease. Between November 2002 and July 2003, the Sars epidemic in China saw corporations organising their staff in separate teams and rotating them between primary and secondary working sites, with a rotation frequency equal to the incubation period of the disease, as a measure to keep their businesses running.

A transport disruption is also classified as a potential disaster. The 2010 eruption of the volcano Eyjafjallajökull in Iceland affected many corporations, not merely in Iceland, but also across the entire continent. The closure of major European airports had even prevented Maltese staff from reporting to work abroad, or being stuck in one location while on a business trip.

Anything from a misplaced cup of coffee to a small fire can lead to loss of data and consequently, potential loss of business and reputation

Given Malta’s size and location, we might assume that we may never be victims of such disasters. However, even if dubbed as one of the safest countries in the world, our businesses are also vulnerable to disasters, such as flooding, power cuts or cyber-attacks.

In 2011, a two-storey detergents factory in Mrieħel was burned down by a series of explosions, affecting other companies in the area. The zone was declared unsafe for nearby corporations, including Bank of Valletta offices. Thick black smoke penetrated the bank’s offices and its staff was called to evacuate under health and safety measures.

Following the fire at the factory, it was reported that the bank had to relocate to a recovery site in order to process the priority workloads. Luckily, their main IT server was not affected by the incident, and all the IT specialists needed to do was supply and install additional computers to finish their tasks within stipulated deadlines.

Drafting a business continuity plan begins with understanding your business and subsequently, how to prepare and prevent it from encountering possible disasters.

“Once you identify and analyse what could threaten your business, then it’s quite straightforward,” says Mr Hoffer. “Drafting for business continuity is basically preparing a plan for preventing your business from experiencing a standstill.”

In order to successfully draft a continuity plan, you need to follow three main steps: start by assessing the threats that are more likely to affect your business, identifying resources to support them and design a business impact analysis; identify, explore, and implement recovery strategies and finally; and design a solution that would be most cost effective.

For instance, in case of a power outage, an efficient backup plan for a micro-business would include alternative storage outlets or extra batteries for the staff’s laptops. However, for larger business, like a hospital, you would need to install a generator.

However, size isn’t everything. You might think that a small or medium-sized business will not suffer a distributed denial of service attack. However, smaller businesses might be considered to make ideal targets because they tend to lack the proper infrastructure to protect themselves against cyber attacks. Moreover, cyber criminals might attack your small business in order to reach larger companies that you work with.

There are many strategies to go about business continuity, but each plan needs to be adapted according to the kind of business you are operating.

“Ideally, you should stick to a plan which is easy to maintain – a practical one which is also cost effective,” says Mr Hoffer. “A business continuity plan should be a balance on the likelihood of this event happening, and the investment you need to make financially as well as in terms of staff training.”

Business continuity needs to be implemented until it becomes part of the company’s culture. You could spend years developing an idea, watching it grow into a business and building a client base. However, all this could be tarnished in mere seconds. A realistic business continuity plan could ensure that your company is prepared to face potential pitfalls, whatever the cause. Even if the probability of facing a disaster may tend to be minute, if you’re unprepared, there may be very serious consequences for you and your business. Having a concrete plan which is continuously monitored and revised could safeguard your business.

Christine Spiteri has specialised in media culture at Maastricht University, the Netherlands.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.