The news is full of efforts to develop a vaccine effective against COVID-19. Your company also needs to be vaccinated against the impacts of communicable disease and the best way to do this is for your leaders to develop a good pandemic plan. In today’s post, we’ll look at the four main components of such a plan.
Related on BCMMETRICS: Learning from COVID-19: 7 Lessons for Business from the Pandemic
In the old days six months ago, our business continuity consulting clients used to laugh when we said their BC plans should include a plan regarding what they would do if a pandemic struck.
Nowadays, the hard reality and destructive power of a fast-moving infectious disease is apparent to almost everyone.
If you want to read a prescient post, check out this one from MHA Consulting’s Richard Long: Not If But When: Is Your Company Ready for the Next Global Pandemic? It was published on January 2, 2019, almost a year to the day before the WHO said people in Wuhan, China, were getting sick from a mysterious new illness.
In some respects, the horse is out of the barn regarding COVID-19. In the current pandemic, it’s too late for plans and preparations. Most companies are in a posture of adapting on the fly in terms of having employees work from home, reconfiguring the workplace, bringing employees back, and protecting people’s safety.
However, the threat of infectious disease will outlive the current coronavirus outbreak.
To update an old saying: Surprise me once, shame on you. Surprise me twice, shame on me.
Being Ready for Next Time
Responsible leaders understand that, even as they’re trying to steer their organizations through the current pandemic, they need to prepare them for possible future disease outbreaks.
From now on, every business continuity plan must include a pandemic plan.
Such plans need to be flexible, adaptable, and comprehensible. (The flip side of the company that has no pandemic plan is the company whose pandemic plan is so technical, you need to be an M.D. to grasp it.)
Your pandemic plan should be focused on protecting the organization’s people and customers and keeping its critical operations going in the event a communicable disease is at large in the community, sickening workers or their dependents, impacting work spaces, and impeding operations.
Pandemic planning should be incorporated into every aspect of business recovery planning, not just crisis management. The BC plans for the organization’s IT/disaster recovery program, business processes, and supply chain should all include instructions on what to do if there’s a pandemic.
Four Key Areas
I previously mentioned two types of pandemic plans: the nonexistent kind and the type that are so complex only a doctor can understand them.
A better kind of pandemic plan addresses four key areas as laid out below.
- Vigilance and preparation. Many companies assign someone to monitor reports of developing hurricanes so the organization is not taken by surprise. In the same spirit, every organization should task someone with monitoring the pandemic phase alerts issued by the WHO. By the time a pandemic is making headlines, it can be too late to mount an effective response. (See “Early Warning Systems: Giving Your Organization a Heads Up”). Every company should also develop an overarching high-level pandemic policy setting forth the different things it would have to deal with and establishing the company’s posture in general terms (“We will have a plan, it will be tested, etc.”).
- Strategy. This is a documented plan of action defining how the company will respond to a pandemic. The strategy might say, “Working from home will be prevalent for the majority of the work force.” Or: “To achieve social distancing, we will divide the workforce into two shifts, one working in the morning and one working in the afternoon.” The strategy sets forth the specific steps the organization will take to navigate the pandemic.
- Contingencies. The framework contingencies describe what the organization will do if and when certain negative events occur. Various contingencies might set forth how the organization will maintain its critical operations if only 50 percent of the staff is available or only 25 percent.
- Testing. Companies should conduct tests to make sure the components of their pandemic plans work. Can the staff really work at home? Do the telecommunications work? Is the security adequate? Can staff successfully take everyone’s temperature at the front door and isolate the people with high temperatures? Can facilities be made clean and ready? The only way to find out is to test. At a minimum, tabletop exercises should be conducted (people are quizzed about the steps they would take). You can take testing to another level as well, such as by locking the building down and trying to run the whole company from home for a period of time. (See “Testing 1-2-3: Three Things You Should Know About Business Continuity Testing.”)
Vaccinating Your Organization
Hopefully, we will soon have a vaccine offering protection against COVID-19. A vaccine is already available for organizations to provide them a comparable sort of protection: a pandemic plan for the organization that addresses every aspect of the business from IT/DR to supply chains, and which covers the four areas of vigilance and preparation, strategy, contingencies, and testing.
For more information on pandemic planning and other hot topics in BC and IT/disaster recovery, check out these recent posts from BCMMETRICS and MHA Consulting:
- Key Players: The 7 Most Important Roles on Your Return-to-Work Team
- Learning from COVID-19: 7 Lessons for Business from the Pandemic
- Not If But When: Is Your Company Ready for the Next Global Pandemic?
- The Future of Compliance: 19 Observations about the Impact of COVID-19
- When the Quarantine Ends: How to Be Ready to Reopen Your Company
- Early Warning Systems: Giving Your Organization a Heads Up