As everyone will be well aware, it’s almost impossible to live and work in a location which is immune to the often grim consequences of natural disasters and extreme weather.

In the last year, we’ve seen much of the south-eastern US and Caribbean plagued by tropical storms; we’ve seen increased flooding in the UK and of course nobody can nor should forget the Indian Ocean tsunami disaster. As experts keep telling us, some of this is unavoidable (Tsunamis, earthquakes, volcanoes fall into this category) and we’re seeing more and more extreme weather which as a consequence of global warming caused by increased emissions. I wanted to have a brief look at the measures we can take to safeguard our call centre operations against the unseen dangers which can strike at any point. These may be on a macro scale, such as earthquakes, or on a localised scale, such as fires or water damage. This article doesn’t take into account malicious or terrorist acts, but the same rules apply.

Fundamentals

Planning is everything. The overall aim of Disaster Recovery is to have a response to the range of ‘disaster eventualities’. We can think of this as our Emergency Plan.

Such a plan should firstly establish a set of clear objectives. These objectives should be prioritised, and fairly broad in scope. A simple example might include the following (not an exhaustive list):

• Safety of employees;
• Security of physical assets (for example, buildings);
• Protection of non-tangible assets (for example, data);
• Restoration of services
• Restoration of core business functions;

Any incident can be considered as having a timeline, ranging from before the incident (in the case of advance warnings), to the time of the incident itself, and through the minutes, hours and days that follow. A successful recovery plan should cater for effective responses to any advance warnings that might be received. In this period, evacuation may be required, and if possible full backups of mission critical data and operations information should be taken. The priority must always be individual safety above all other concerns, and this priority must outrank any business imperative. However, if immediate danger is not posed it may be prudent to take steps to limit the exposure of services and equipment to the risk.

By their very nature, disasters are serious and should be considered life-threatening unless known to be benign.

However, nature has a habit of catching us by surprise, and what might seem non-threatening can escalate very quickly into something far more serious. This is where careful planning comes into its own. We need to identify the different categories of disaster risk and their nominal timelines, so as to be able to respond effectively and meet the objectives of our plan. Of course, this is no trivial matter, and I’ll save that one for a future article.

Attitude

Rather than go into depth, I’ll put planning to one side and attempt to tackle an altogether less defined beast.

Regardless of how many plans and procedures that an organisation has in place, without the correct attitude toward them, disaster anticipation and recovery will be marginalised and often ignored. Do this at thy peril!

It’s important that everyone understands just how important things like evacuation-drills, backups and building inspections can be. For instance, if the security guard locks the fire exits, no amount of planning is going to help. Sound crazy? Perhaps, but obstructed escape exits is a major problem which should be identified and dealt with promptly. Ensure staff understand what they are to do in the event of a bomb-threat, an earthquake, a fire or a flood. Test those alarms regularly!

Visibility

No plan is of any use if nobody knows about it. It has to be visible to everyone involved. Accessible. Not locked away in a cupboard, or attached at the bottom of a long-forgotten intranet page. The message must be hammered home; take it seriously: it could save your life. Publish these plans publicly, and often. Ensure new-starts are made aware not just of the existence of said plans, but what lies within.

Recovery

The recovery phase must always follow once the primary concerns of individual safety have effectively addressed. A disaster recovery plan should include things like an audit of the current office, systems, people, processes and dependencies. It should include details of assets, and suppliers of those assets. It should anticipate major disasters by establishing a suitable offsite, secure backup plan of business data - and this should be followed strictly. Recovery plans should also aim to facilitate ‘dry-runs’ - important to assess how suitably equipped an organisation is to recover from a major incident.

I hope this has been useful. Most of it is common sense, and of course a quick internet search will doubtless reveal more information which might help in the construction of a suitable plan. It bears repeating that having an effective plan in place is vitally important, so if you don’t have one, create one; if you do have one, revise it.

John