It’s always good to take a breath, just don’t stop for too long…
/2020 has been a tough year for most organisations and individuals alike. A couple of months ago, the team here at Standby produced a white paper called ‘COVID-19: An Uncertain Future - how to plan your way through’, which discussed a number of the current COVID-19 impacts on organisations and some strategies to help you deal with these impacts and begin planning a roadmap to your new normal. At the time we were desperate to get the paper out as quickly as possible, trying to beat the curve and ensure we were able to provide useful and timely information for anyone who needed help trying to restart normal operations.
Interestingly though, since we published the paper, for many parts of the world, and the Middle East in particular, it doesn’t feel like much has really changed. There have been a few ebbs and flows along the way and some changes in restrictions have been applied in various countries, but in general it feels like many organisations have now settled in to a temporary new operating model and are very happy just to take a breath and not rush to change anything more just yet.
Don’t rush your next steps
There are certainly many positive reasons to encourage this approach: minimising any further expenditure for the year; allowing staff some sort of normality for a while to prevent more stress; presenting a stable environment to customers and stakeholders; and for most, it just gives time to wait and let the dust to settle a little, to ensure further time, effort and expense is not spent now on a resumption strategy that 3 months down the line, no longer makes sense due to the external political and economic changes still taking place.
As discussed in a recent blog ‘Balancing the security vs efficiency dilemma for your new normal’, this breathing time also provides an excellent opportunity to take stock of what has happened recently, and carry out some sort of ‘halftime’ action report to review any lessons learnt and actions taken and begin to think about where to go next, also horizon scanning for any upcoming risks that we should be prepared to deal with.
But don’t forget your key commitments
One very important risk that we should be looking out for at this time, and an operational activity that may well have taken a slightly back seat over the last few months is our regulatory compliance.
We are now in August and before we know it summer and then potentially the rest of the year will be over, putting some pressure on many compliance requirements taking place before the year end. Although we would like to think there may be some sympathy and flexibility shown by regulators in these difficult times, it is still essential that central banks and other regulatory bodies ensure that companies are operating safely and effectively, and therefore there must be some enforcement of existing regulations, for all our sakes.
In the case of many of our clients within the Middle East this will mean ensuring ongoing annual update and improvement activities are taking place within their IT and resilience programmes. Activities for example such as:
· Updating resilience documentation such as the BIA reports or IT DR/BCP/Crisis Management plans
· Ensuring staff are provided with up to date BCP and resilience awareness training
· Carrying out an annual IT DR failover tests and CMT exercises
We know that with a number of other external pressures these items can become bottom of the priority list, but its vitally important they do not, not only to ensure conformity with regulatory requirements, but more importantly to ensure your resilience infrastructure and processes have been properly tested in the new business environment and are not found to be ineffective if called upon for real in these unpredictable times.
Time for a new approach
One major positive from all the recent change this year is that new operating models and recently altered perceptions on remote and outsourced working may just offer an opportunity to change some old methodologies. The new normal may allow you to look at more time and cost effective models for managing any of these regulatory requirements. Standby have developed a number of managed services to help our clients and partners manage your resilience and IT DR programmes, including online training activities for both staff awareness and other training requirements, as well as remote Crisis Management Team exercising.
Get in touch with one of the team today to see what services we can offer that will allow you the opportunity to continue to focus on more pressing issues, whilst still ensuring you stay on top of your regulatory commitments.