Everything is Foreseeable. Anyone can be Found Accountable.
Plan for Crisis
Plans will not solve or even prevent a crisis. But, the right plan, individually tailored to your business or organization, will determine whether your company will survive the disaster.
If directors and officers neglect to prevent or mitigate foreseeable disasters, or fail to prepare for those that are not preventable, the business-judgment rule will not shield them. Disaster Due Diligence™ and sound governance demand that organizations develop, maintain, and test a comprehensive continuity of operations program.
Shrewd competitive strategy demands the same planning. Why? Because organizations with business continuity plans are better prepared to survive a disaster if one occurs.
Firestorm, with in-house and third party legal counsel, has worked with public and private companies to address corporate governance and compliance issues. We utilize a multidisciplinary approach, drawing upon expertise in the corporate, securities, litigation, labor, regulatory and white collar areas, to advise clients on best practices for a broad range of matters. Our expertise includes requirements relating to Federal, state and local regulations, including Sarbanes-Oxley, HIPAA, FCRA & FACTA and Gramm-Leach Bliley.
Continuity of Operations
Every Firestorm Business Continuity Plan is Unique
Plan development includes not only preparing for, and the mitigation of, major disasters (e.g. total loss of a building), but also routine interruptions to service and daily operations. We put disaster planning in perspective and makes it more likely the impacts from crises are lessened due to predetermined response and recovery actions.
Firestorm can audit your existing plan to isolate gaps or weaknesses, and tailor a solution to address every contingency. Based on findings from our reviews and analyses, Firestorm makes client-specific recommendations to manage and either eliminate or mitigate the impact of identified vulnerabilities on your company. No two Firestorm plans are alike.
What should your BCP include?
Protocols for continuity of operations, security, human resources and crisis communications are paramount; otherwise, you may not be able to meet your governance requirements. Your plan must address all manner of disasters, be they man-made or natural. It should include separate provisions for communicable illness (pandemic), identity theft, sabotage, and access to facilities and systems.
In addition to a business continuity plan, Firestorm recommends creating supporting documents which include emergency response plans (flip-books) for the Crisis Management Team & Incident Response Team, Safety Coordinators, and employees, as well as wallet cards for all employees and visitor evacuation signs to assist clients and guests.
Other Resources on this site include our Business Continuity Self-Assessment.
The BCP must be a permanent addition to the overall business continuity program and respond to natural as well as human induced crises. Features of the plan should help ensure the overall preparedness and the effectiveness of your company’s business environment.
Firestorm’s business continuity plan development addresses the following:
- Recovery prioritization structure for critical business functions
- Response and recovery actions by functional department
- Identification of critical suppliers
- Identification of key employees
Once a plan is developed, training and testing will be essential for the plan’s success. The training, in addition to making all company employees aware of their duties under the plan, should increase employee awareness of preparedness issues, resulting in an efficient and effective response and recovery process. Testing will demonstrate areas where plans require modification.