The Preparis Blog

Preparation Is Not An Accident

Posted on October 7, 2015 by

The 10 Habits of Highly Resilient Organizations

Prepared OrganizationPart of what I love about my job is visiting with customers of all sizes and a variety of industries around the world and seeing firsthand the different ways they approach business continuity and cybersecurity.  Just as no two companies are alike, no two programs are exactly alike.  A company’s mission, culture and leadership philosophies always drive the way a company addresses risk.

These are 10 habits I’ve observed consistently from well-prepared organizations.

1. Leadership Buy-in

It’s easy to tell right away when leadership truly values its employees, brand, and commitment to customers.  Leadership recognizes that the world is becoming riskier and drives business resiliency from the top down, not just verbally, but as an investment in their time and dollars.

2. Culture

For any organization to quickly mobilize and take action on anything, it must be ingrained in the culture. Things like integrating business continuity and cybersecurity into employee orientation programs, newsletters, lunch & learns, and awards programs make resiliency an important part of a company’s values.

3. Localize

All crisis events start locally. A company’s headquarters should not be the only location with plans, training, an emergency messaging system, and practicing.  Every office location should practice to be prepared for a business disruption.  Use pre-developed tabletop drills to make it easy to get started.

4. Communication

Organizations that are great in communicating are naturally well positioned to communicate during a crisis. Ditch the call tree and email list and implement an emergency notification system.  Test it 4 times a year and make sure everyone knows who is responsible to lead a crisis nationally, locally, and on every floor.  Employees want to be led during an incident and modern day communication tools make it much easier.

5. Training

More than likely, your organization does not have a team of dedicated crisis professionals. You need a team, however, to kick in gear at a moment’s notice. Crisis teams who are trained on how to navigate the business through any disruption will have confidence and expertise when called upon. Use the power of online training to make it easy and efficient.

6. Practicing

Companies who bring together their executives and crisis teams once a year to practice going through a response together, called a tabletop exercise, ensure collaboration and the viability of plans. Companies that rigorously practice their crisis response also find gaps that create better plans and outcomes.

7. Assess Your Ecosystem

Companies who regularly assess their third party vendors know that their own uptime is only as good as the business continuity and cybersecurity programs of their vendors. For example, your customers won’t care if your third party payment processing system goes down, they’ll just know you can’t serve them and they’ll go elsewhere.

8. Make It Living

Outdated binders sitting on the shelf won’t work well during a crisis. Use the power of the web and mobile devices to make plans living, actionable, and accessible 24/7. Create a 12 month timeline on when to refresh your plans, test emergency notifications systems, take training, and conduct tabletop exercises.

9. All Hazards

Companies who treat threats with an “all hazards” approach maintain a single framework to address virtually any threat from natural disasters to cyber-attacks. This simplifies the planning process and creates a cohesive team and response.

10. Automation

Technology can help automate your entire business continuity and cybersecurity program, enabling reach and accessibility that was never possible several years ago. Consolidate your plans, threat information, crisis team training, and reports in a single pane of glass and make all resources available on mobile devices. You’re already automating many other aspects of your operations, this is another perfect area to do the same.

Business disruptions just happen. They don’t care about the name on your logo, where you’re located, or how big you are. Your organization’s ability to survive and prosper through a crisis is directly related to what you have in place before the incident occurs. Think about lifeboats on a cruise ship. When the ship is sinking, no one has time to manufacture lifeboats.

The same is true when planning for incidents within your company. Have a program built, practiced, and ready to go. If you’re trying to figure out your business continuity or cybersecurity plan during the incident, it’s too late. Take on these 10 habits now to get prepared and you’ll soon be charting a resilient course.


About Armistead Whitney

As CEO, Armistead leads the strategic direction for Preparis with a passion for implementing innovative sales, marketing and partnership models in industries ripe for change. He has over 20 years of experience leading software, web services and digital media companies at organizations including iXL, Sekani and Nexedia which includes raising over $50 million in venture capital and a successful IPO. He was inspired to start Preparis following his experiences in New York City during 9/11 where he saw firsthand the inability for companies to protect their people, operations, revenue and brand during a crisis event. Armistead holds a B.A. in Broadcast Journalism from the University of Georgia and has been featured in numerous media outlets including CNN, ABC News, NBC, The Wall Street Journal, New York Times, and USA Today and is a frequent speaker at industry conferences around the world.

Business Continuity Resources

Find business continuity resources, including free webinars, whitepapers, checklists, and tabletop exercises. Visit: Preparis Resources