Disasters are not one of those things anyone can plan for on any precise level, however, there are ways to be reasonably prepared. This way, in the event an unexpected catastrophe occurs, the devastation can be minimized to some extent.
On the business level many businesses neglect to create disaster plans. According to a 2011 survey, roughly 50 percent of small and medium businesses (SMB) did not have a plan.  Many businesses polled said the idea never occurred to them. Others indicated they tended to shelve the task for a later date. Unfortunately, in some instances, that time never arrived. And a disaster or severe interruption has occurred.
Business continuity and disaster plans are costly and do not generate revenue, which is perhaps one reason why priority is often not given to them. Yet, companies should not neglect a plan, as it can be likened to carrying insurance - you hope you never have to use it, but are glad you had it in the event it's needed. It's the same for business disaster plans. Every business, from the large corporation to the mom-and-pop convenience store, should have some sort of plan.
A catastrophe does not have to equate to a natural disaster or terrorist attack, it can be anything that interrupts the business and/or prevents access to company resources. Even a computer and/or network virus can equate to a disaster if all the company's data is destroyed or the Internet cannot be accessed to process orders. A fire or flood can destroy inventory or other vital components of the business.
What can a business do to protect itself?
Designate Someone to Take Charge of a Disaster Plan
Putting a person in charge is of value. While a plan coordinator is typically associated with large companies, even small businesses can benefit from putting one person in charge of the plan. This way nothing falls between the cracks.
Ideally, it should be someone who can devote a significant amount of time to developing a plan, not constantly distracted by other tasks and deadlines. The coordinator position encompasses a lot of important detail and, if distracted, the plan may not be adequately completed.
The larger the company, obviously the more detailed the plan will be to make sure all aspects of the business, but even for SMBs, a sufficient amount of planning must be covered. Get someone to take charge, this will ensure a comprehensive plan can be made.
Perform a Business Impact Analysis
The business impact analysis (BIA) is an important part of disaster preparation. By studying the impact a disaster can have on the business, it highlights any vulnerabilities and the negative effects a severe interruption might have on the company. Companies armed with this information can develop a more structured strategy when writing their disaster plan.
Conduct a Risk Analysis
A risk analysis is a valuable action to take. The more a company understands about the potential problems that can realistically happen, the better. The risk analysis identifies and then examines all potential disruption scenarios and ranks them according to likelihood of occurrence. For instance, companies that live in a region where earthquakes or hurricanes are probable would put more emphasis on these types of disasters, whereas businesses in flood-risk areas would focus on that scenario.
It is vital for businesses to be aware of the different possible disasters that can occur and then identify the costs and impact these events would have on both the day-to-day and long-term operations of the company. By understanding specific risks, a company can better assess where to spend its resources in planning for business continuity and disaster recovery.
Write a Plan and Then Test It
Once the risks and impacts are clear, it is time to assemble a plan for the company. Consider computer and network system backups and alternate locations for a business (if it does not rely upon a specific place). The plan should answer a number of questions and provide solutions. For instance:
- What should staff do if a disaster hits? Safety considerations?
- Where are backups of records stored? Have copies even been made? Are they being done often enough to make sure important data is preserved?
- What data is most critical to be brought back immediately and what data is secondary?
These are just a few questions, but all aspects of businesses operations should be looked at and evaluated. Additionally, every plan needs to be tested to make sure it works as it as intended to do, or all will be for naught. Unfortunately, even those businesses that develop plans sometimes neglect the testing aspect. Even missing a small detail can throw the plan into failure.
Ideally, the plan should be revisited on a routine basis, at least once a year. Some experts suggest doing it twice a year.  Many changes happen as a business evolves and grows, not to mention technology moves at a rapid pace. A business wants to make sure nothing slips through the cracks. Even a computer upgrade might require some tweaks to be made.
Not every plan will be perfect, and a business cannot typically 100 percent plan for disaster due to the unpredictable nature of when they occur, but the goal is to come as close as possible. Disaster planning, especially with today's reliance upon technology and digital data, is critical. There are many ways disaster planning can save a business. Complacency should not be any part of the equation. Every business is at risk to some sort of disaster, but proactive planning can mitigate the outcome.
Depending on what data you look at, anywhere from 25 percent to 40 percent of businesses do not reopen after a disaster hits. Many struggle to continue, only to fail a few years after the disaster. Some statistics place this as high as the 70-90 percent range. Having a plan can help alleviate any permanent damage to the company, and keep it out of these statistics. Preparation is key to surviving disaster.
Additional reference: Toigo, Jon, "Disaster Recovery Planning: Preparing for the Unthinkable"