Business risk in the United States may be higher during the novel coronavirus pandemic than at any time in our generation, making risk management a must.
What are your strategies for risk mitigation—not only in your enterprise but up and down your supply chain—amidst COVID-19 disease outbreaks?
Business interruption is a growing concern right now.
The Risks Are High
A recent Pew Research Center report finds that 43 percent of small businesses are closed, at least temporarily, because of pandemic risk.
And among the U.S. businesses with paid employees, 40 percent are in high-risk industries, the report states.
These enterprises, in particular, are more likely to face business continuity issues including supply chain disruptions, absenteeism, cybersecurity breaches, and other potential impacts caused by this infectious disease outbreak.
Even when times are good, only about half of enterprises will last five years or longer, according to the U.S. Small Business Administration.
The Economy Is Reeling
But the coronavirus outbreak has made COVID-19 one of the most devastating of infectious diseases seen in human history, beginning its spread from Wuhan, China, around the world—hitting hard in the U.S. including in New York and prompting the World Health Organization to declare it a pandemic. The global economy has been reeling.
Travel restrictions were among the first dampers placed on business operations, with flights to the United States from China and Europe halted in an attempt to contain the COVID-19 disease spread.
Enterprises limited business travel, as well, and instituted remote-work policies that, in turn, increased the risk of cybersecurity breaches.
Keep Your Business Healthy
The Centers for Disease Control and Prevention (CDC) has provided strategies for minimizing health risks and maximizing the well being of your employees and their family members while keeping business up and running. But what about the health of your business operations?
For that, you need a different set of response plans. Here are some strategies we recommend:
- Focus on resilience. Cybersecurity resilience, which acknowledges that breaches happen and aims to restore systems quickly after an attack, is important. But so is operational resilience, which aims to keep critical business functions and services up and running and minimizing business disruptions.
Business continuity planning and contingency planning should already have mechanisms built-in to protect critical assets (your so-called “crown jewels”) and ensure smooth crisis management. Resilience is as resilience does. However, devise scenarios to test your response plans so that, when a crisis occurs, everyone knows what to do.
- Know your risks. Proactive risk assessments are ideal, but if you don’t have an up-to-date risk assessment in place, perform one now. Understanding all the business threats, including those caused by the virus, will help with your decision-making as you fine-tune response plans in light of shifting virus “hot spots” and other changes.
- Increase your pandemic preparedness. Although we’re in the midst of a pandemic, if you don’t have a pandemic preparedness plan, this is the time to formulate one.
Even as states start to open up for business again and people begin to venture outside their homes, a second wave of COVID-19 could hit.
If the influenza pandemic of 1918 is any indication, the second wave could be more devastating than the first. Make your pandemic plans now, and be aware: Many business insurance policies do not cover losses caused by epidemics or pandemics.
- Stay abreast of assistance programs. Federal, state, and local governments are creating and funding programs to help businesses weather the pandemic. Even Facebook has a small-business grant program. Is your enterprise eligible for aid?
- Maintain your compliance. Staying compliant with regulations and industry standards can be an effective way to manage risk at any time. Amid the confusion and stress of a pandemic, compliance frameworks can provide the reassurance of structure.
The best compliance and risk management programs today use digital solutions to help with risk assessments, test controls, find compliance gaps, issue alerts when gaps occur, provide detailed risk mitigation and compliance checklists, and manage workflows—all automatically, freeing you to focus on keeping your business, personnel, and customers safe and healthy during the COVID-19 pandemic.
ZenGRC performs all these tasks and more, including unlimited self-audits, audit trail documentation, and, with our ZenConnect solution, integration with all of your business applications. Contact us today for a free consultation, and embark on the path to worry-free, comprehensive risk and compliance management.