Andrew Fernandes and Douglas Vreeland ask the questions you may need to consider when developing your disaster recovery and business continuity plans

The world after 11 September 2001 and Hurricane Katrina presents challenges to corporate leaders who create plans for disaster recovery and business continuity. Many lessons have been learned about offsite backup systems, system redundancies, and training. Auditors, regulators, and investors increasingly look at a company's ability to weather a crisis as a key benchmark of corporate health.

Here are five key points to consider when developing your disaster recovery and business continuity (DR/BC) plans.

1. Insist on contractual protections: remote suppliers, original design manufacturers, and key vendors should have the same level of DR/BC readiness that your company maintains internally.

If a key supplier loses a factory to fire, tsunami or civil unrest, can they continue to meet your needs – or are they a single point of failure? Incorporate stringent disaster recovery/business continuity language into your supplier contracts – or renegotiate existing agreements to include such language.

Key terms can include the vendor's timeline for recovery; the ability to recover 100% of your production volumes within a reasonable timeframe; and, most importantly, the ability for you to validate your vendor's capabilities and capacity to execute the plan. This is part of an established testing protocol.

2. Is blood thicker than water? So your organisation has contractual provisions in place with its suppliers. Your suppliers assure you that they have multiple sites, and that they can redirect production among their sites in the event of a disaster.

But, here is the catch: you are probably not a 'dedicated' client. Think of your organisation as one family member, whose family subscribes to a mobile phone 'family minutes plan'.

If the minutes in the family plan (your supplier's production capacity) are exhausted (even by your competitors), there are no more minutes, no matter what you do.

If you are forced to scramble during a crisis to ensure a steady supply chain, the charges you will pay for 'going over your minutes' in our analogy could be extreme.

One option is to consider negotiating most favoured nation provisions, or preference arrangements for your firm that will guarantee you a certain percentage of your supplier's capacity in the event of a crisis.

3. Remember Pareto's rule: identify the 20% of potential problems that will cause you 80% grief.

You already have a list of suppliers and key vendors that you rely on for your operational survival. While your first reaction may be to look at a spreadsheet from your finance department as the biggest driver in identifying the highest risk, it is not the only criterion for identifying key failure points.

Tier your suppliers based on a matrix of criteria including: amount of money allocated, whether the supplier is the only manufacturer of a product you depend on, and whether your company relies on one vendor to be its single source supplier of a product.

4. Just drill, baby: No, this is not a plug for increased oil exploration.

Rather, it is a reality check on your organisation's ability to respond right this second to a host of crises.

The possibilities are endless. A foreign government just nationalised a key production site. An earthquake has just disrupted your key supply route. Terrorism or pandemic results in loss of life.

Is your organisation prepared to respond quickly and decisively? If not, then start with the basics:

  • Do you have a crisis management team of key business leaders organised and ready to call up at a moment's notice?
  • Are key profit centres and support functions represented (manufacturing, supply chain, security, legal, human resources, communications, etc.)?
  • Does each member of that team have the other members' emergency contact information handy – is it on a PDA or on a card in their purse or wallet?
  • Has this team drilled for readiness and tested lines of communication?

There is much more to do to ensure a strong response to a disaster, but if your key leaders are organised and can communicate according to a preset plan, the response to and recovery from a crisis will be much more manageable.

5. Assess your internal resources: regulatory requirements and business necessity have made some industries the models of disaster preparedness. The financial and insurance industries, in particular, are often viewed as models of DR/BC best practices.

But if your company is new to DR/BC, or lacks the size or resources to have an internal team of experts, consider looking to external consultants to help shape your program.

As a general rule, the less manufacturing you do and the fewer sites you have, the simpler your plan will be. Large multinational companies with manufacturing capacity and/or significant supply chain involvement will require much greater planning.

Andrew Fernandes is the global leader of Dell's business continuity and resiliency programme, based in Austin, and Douglas Vreeland is litigation counsel for Dell, and serves as the DR/BC leader for Dell's legal department. A version of this article first appeared in Legal Week's sister title Law Technology News in September 2009.