County Commercial Bulletin
Prevent a ‘Chain Reaction’ During Disaster With These Useful Tips
As flood season approaches, many organisations are bolstering their risk management practices to prevent serious damage from a natural disaster. But unlike the downpour of a flood, many business disasters don’t have a season—they can happen year-round.
Whether it be a deadly cyber-attack or a costly material shortage, business disasters can often cause a chain reaction for organisations across the globe by creating broken supply chains. What’s more, recent research from the Business Continuity Institute revealed 69 per cent of businesses lack full visibility of their supply chains, even though nearly 70 per cent have experienced at least one disruption.
Broken supply chains aren’t cheap, either—23 per cent of companies have reported losses upwards of £1 million from a single disaster. Avoid the costly price tag of a supply chain disruption and promote business continuity during disaster with these tips:
- Recognise each role—The first step to securing your supply chain and ensuring continuity during a potential break is properly identifying everyone who plays a significant role in the chain. Although this may seem tedious, recording the key players in your supply chain will allow you to determine the different risks involved with each supplier and establish proper risk management techniques. Be as in-depth as possible in your recording—this means identifying not just in-house and first-tier suppliers, but also second- and third-tier suppliers and who you could use as a backup.
- Make a model—Once you understand the different roles involved in your supply chain, you can properly assess potential disruption risks among suppliers. A common practice for locating weak spots in a supply chain involves creating a model (either physically or digitally) of the chain. This allows you to visualise the exposures your organisation may face by modelling different disasters and analysing each possible area of impact.
- Prepare and practise—In addition to modelling supply chain disasters, involving your entire organisation in the preparation process is crucial. Consider implementing a realistic simulation of a chain disruption, encouraging proper incident management by your designated crisis team (senior-level employees with varying areas of expertise in the organisation). Engaging in a crisis rehearsal for even the most outlandish scenario will ensure all employees are calm and prepared for an actual occurrence.
Don’t Become a Statistic: Here’s Why You Can’t Ignore Brexit
For many SMEs, Brexit preparation has been placed on the backburner in order to make way for more immediate concerns, such as cyber-security cover and GDPR compliance. Indeed, a recent insurance broker survey revealed nearly 25 per cent of SME clients ask their broker for GDPR guidance on a regular basis, whereas only 10 per cent have enquiries regarding Brexit. In fact, 35 per cent of brokers said their clients haven’t asked about Brexit whatsoever. Although handling such a wide variety of concerns can be quite the balancing act for SMEs with limited staff and resources, your organisation simply can’t afford to ignore the implications of Brexit. Consider the following guidance to prepare your business:
- Secure your supply chain—As the UK prepares to leave the EU, it’s important to take a closer look at how integrated your supply chain is with the EU market. Prepare for possible time delays from border disruptions and new product standards, and establish supply chain alternatives.
- Cut your costs—While Brexit is months away, consider cutting any controllable costs now to prepare for future price fluctuations or adverse foreign exchange updates.
- Analyse your workforce—Research shows that SMEs rely heavily on EU workers. Be sure your workforce will remain strong following Brexit by helping employees apply for settled status if necessary.
Pay Attention to the GDPR or Else: You Could End Up Criminally Liable
When the GDPR went into effect earlier this year, organisations scrambled to prepare for these stricter standards. And while many businesses feared the outcome of non-compliance due to costly fines, far greater punishments exist for organisations’ directors. Under the updated regulations, a multitude of cyber-mistakes made within your business could leave you—the director—criminally liable. Ultimately, the GDPR maintains that senior-level management is responsible for meeting a wide range of obligations to protect their organisation’s data, including effectively preparing for and responding to a cyber-attack. Key obligations include:
- Ensuring data security standards with proper data protection, routine evaluations and updated computer programs
- Preparing all staff members for digital risks and possible breach detection, such as malware and email phishing
- Informing affected subjects and the ICO within 72 hours of a data breach that could result in serious damage
- Appointing a data protection officer