10 point flood disaster planning checklist
A practical checklist to help firms minimize the impact of a natural disaster and protect their important information assets:
- Validate your employee and top customer contact lists are up to date.
- Monitor the weather: check the national maps and flood warnings to find out how vulnerable you are.
- Create a plan for communicating with employees in the event of a business disruption, bearing in mind that your phones or IT network could be down and your office inaccessible. Rehearse the plan, and have a back-up in case it does not work on the day.
- Create a plan for communicating with your top customers. You are unlikely to have time to call everyone so focus on those most critical to your business, with a website or voicemail update for the rest.
- Store your information archives in secure facilities away from flood plains. Your office may not be the safest place to keep business critical records and data. Host your services and systems off-site or in the cloud, so that they are protected if the business is affected by natural disaster. Plans should also be made to relocate important paper documents as this format is sometimes forgotten from IT-centric business continuity plans, but is equally vulnerable should flooding occur.
- Validate the protection of your historical archives storing physical and digital data offsite ensures that business activity can continue in the event of a disaster. Information is the most important asset to any business and shouldnt be under any unnecessary risk.
- Equip employees to work from home and aim to do this before a crisis so that you can get the necessary equipment, security and processes in place. If undertaken as an ad hoc emergency response, you run the risk of employees relying on insecure personal IT to handle confidential or sensitive information.
- Ensure your business remains compliant. For example, it is essential to keep corporate email systems going, or to get them up and running again as soon as possible, so that employees are not communicating or transacting business via non-compliant personal email accounts.
- Audit your suppliers and vendors plans.
- Rehearse and test every aspect of your plan, understand what could disrupt it and create a back-up plan.