Coronavirus Business Preparation:
5 Mitigation Activities
Steven Minsky | March 3, 2020
In my latest posts, we discussed the need for a risk-based approach and outlined 5 key risks to consider when preparing for the coronavirus. The Covid-19 pandemic and likely recession will affect all organizations, which is why Coronavirus business preparation is imperative. The pandemic will impact organizations differently depending on their industry, geography, size and other factors. With the help of internal subject matter experts around the company, new mitigation activities need to be outlined.
By applying Covid-19 Risk Management organizations can generate a plan of action for their business to prepare for the Coronavirus, which in turn can result in a dramatic reduction in the negative impact from this event.
Coronavirus Business Preparation Examples
The initiatives that your business can prepare for due to the Coronavirus outbreak can be wide ranging depending on your specific business needs and reduce the business impact if applied correctly. For example these initiatives may include activities such as shifting budgeting from fixed costs to variable spending to provide flexibility in times of uncertainty. Additional Coronavirus business preparation measures to reduce the impact can include changes to work from home, cafeteria, and office supply policies. Further examples include travel changes and event management alterations seeing a shift towards digital marketing activities.
Organizations may need to evolve their go-to-market and business model with the introduction of new products and services aligned with market needs due to a more severe recession triggered by a pandemic. Banks may consider new fee based income products to compensate for a drop in the interest rate due to actions taken by the Fed in a recession or an increase in collection capacity in anticipation of higher default rates.
As you can see the Coronavirus risks could have an influence on all business departments ranging from HR and work from home policies to vendor management and reviewing vendors to see if there is an over-dependency of vendors in a certain area.
Below I highlight some of the key Coronavirus steps that organizations can take to help with their mitigation planning of the Covid-19 pandemic.
Below I highlight some of the key Coronavirus steps that organizations can take to help with their planning of the Covid-19 pandemic.
Step 1: Readiness Assessments
A readiness assessment is a great place to start when organizations don’t know what their business continuity program should consist of. Industry and role readiness templates as well as pandemic specific templates allows an organization to evaluate their business continuity program against a best practice standard and identify where any gaps may exist. These readiness libraries break down standards and best practices into actionable pieces so that organizations can track progress and adherence.
Step 2: Risk Management Plan
All organizations should complete a risk assessment on their core business processes to identify and prioritize any new risks or gaps in their existing controls for new scenarios like pandemics, recession, and geopolitical conditions risks. Process owners when prompted with risks are in the best position to be able to think how these scenarios will impact their areas of responsibility.
Step 3: Business Impact Analysis (BIA)
Not all risks within processes or functions within an organization should be treated the same. A business impact analysis allows organizations to identify which parts of the business are most critical to its operations. Use the results of the BIA to determine which parts of the organization to prioritize during a BCP event to maintain operations.
Step 4: Policy Management
As the pandemic evolves and new information arises, policies will need to be revisited and updated and communicated. For example, reviewing and revising a work from home policy will be effective only if dissemination of that revised policy is made with governance tracking for adoption across the organization.
Step 5: Incident Management
Incident management is typically a highly silo’d activity embedded within a process. In times of change management, a unified enterprise-wide mechanism is needed as an input to evaluate the effectiveness of mitigation and policy activities as well as to manage the exceptions, which are typically 20% of all activities.
In LogicManager’s 15 year history as the leader in Enterprise Risk Management, I have seen that 100% of business scandals were known at least 6 months in advance with more than enough time to take action to eliminate most if not all of the downside.
To update your existing business continuity plan with a pandemic scenario from the CDC, read this blog: Coronavirus: Updating your Business Continuity Plan (BCP) from Feb. 5, 2020.
Measure Your Readiness
To evaluate your overall readiness in risk management, take the free Risk Maturity Model Assessment.