This paper presents a disaster management plan developed for XYZ Insurance Company, a Miami-based firm located in a tidal flood zone that suffered significant losses due to a hurricane. Written from the perspective of a crisis management consultant, the plan outlines eight core components: the organizational need for disaster planning, coordination and network integration, tailoring the plan to the organization, disaster mitigation and recovery goals, simulation testing, prevention and continuity strategies, ongoing risk management, and security requirements. Drawing on risk management literature, the paper demonstrates how a comprehensive and continually updated disaster plan can minimize economic loss, protect personnel and assets, and ensure organizational stability.
In order to avoid the losses that XYZ Insurance Company previously suffered due to a lack of risk management, it is necessary that a disaster management plan be developed and implemented. Failure to plan for worst-case scenarios resulted in lost records and created difficulties in the company's collaboration network, as well as negative impacts on its clients. Strategies for quickly recovering operations in the event of a disaster were not previously integrated into alternative operational procedures for maintaining critical functions during a crisis.
Having acknowledged the need for such a plan, the organization must proceed to the design, development, and implementation of a Disaster Management Plan for the purpose of risk management. Several key aspects will serve as the foundation of this plan, including the preparation of corporate awareness and training programs. These programs will inform staff at all levels and will enhance the skills required for the development, implementation, maintenance, and execution of the Disaster Management Plan. Testing will be an important component of the plan, as will exercises and the documentation of results.
Also important in this plan is the component of effective coordination with public authorities. This will involve the establishment of policies and procedural methods to create a continuum of collaborative interaction with the following groups: (1) employees; (2) employees' families; (3) key customers; (4) critical suppliers; (5) owners and stockholders; and (6) corporate management during a crisis.
Execution of the plan depends first on defining the problem clearly and understanding the various roles and levels of accountability among the different levels of management within the organization. Teams must be identified along with their respective responsibilities. Risk evaluation will include the examination of loss potentials, or threats, that present to the organization, including those of the following nature: (1) natural; (2) man-made; (3) accidental; (4) intentional; (5) internal; and (6) external.
Howard (1997) notes in "Tailor Disaster Plans to Organization: Risk Management" that the key to disaster planning "is to grasp what's catastrophic for a particular organization" (Howard, 1997). Howard refers to this approach as contingency planning, because "risk analysis should go well beyond traditional insured risks and encompass the total-risk profile" (Howard, 1997). Disaster recovery planning is inclusive of much more than simply backing up company data; it requires a comprehensive, organization-specific approach that accounts for the full spectrum of potential risks.
"Eighteen goals for minimizing disaster impact"
"Using simulations to validate the disaster plan"
"Technology and security systems for continuity"
"Keeping the plan current through continuous review"
"Personnel vetting and organizational security standards"
You’re 38% through this paper. Sign up to read the remaining 5 sections.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.