Contingency Planning in Action - Term Paper Example

Contingency Planning in Action al Affiliation) Introduction Contingency planning is done by organizations in order toprovide an alternative solution in solving a particular situation or problem, just in case the first plan fails to work out. It is about preparation of uncertainties such as data loss, decrease in market share, failure of suppliers to sustain supplies and other unknown disruptions. Contingency planning should be a normal and perpetual way of carrying out business. The emergence of contingency planning is attributed to risk analysis. The risks that the organization faces are always dealt with using an initial plan. In case the initial plan does not work out, the organization should have already identified an alternative to curb the risk (Doughty, K. 2001). The risks should first be identified and prioritized in order of the impacts they could have to the organization. Plan development should be the next step where certain guidelines such as definition of time periods should be done. The next step should be maintenance of the plan; it should be kept practical and relevant. Discussion Creation of a hypothetical organization Rephox is an organization based in India. It has its headquarters in Mumbai and a branch in Delhi. The organization has fifty employees in total, thirty of which work at the headquarters and the rest work in Delhi. It is an organization that provides auditing and accounting services. It helps its clients with cost accounting systems, preparation of financial statements, financial reporting, internal audits and services that provide assurance. The organization depends on technology for the provision of their services to clients. It has systems that protect information systems which comply with regulatory requirements. The organization provides information controls for the reduction of costs and gaining of competitive advantage. It uses professional accreditations where personnel handling the information systems must qualify. The business faces certain threats which include internet insecurity. Internet and firewall threats also exist where viruses may infect the audit systems through online services. There is also network and data insecurity threat when transferring information from the branch to the headquarters and vice versa. The organization’s systems might be hacked into and security details such as passwords and biometric controls interfered with. The wide area network for the organization may be interfered with affecting the clients’ servers. Organization overview The mission of the organization is to serve public interest. This is done by contribution to development of standards and guidance of high-quality standards. It also contributes to development of professional accountancy which ensures high-quality practices by accountants who are professional. The organization promotes the value of accountants worldwide by ensuring issues of public interest are addressed (Jackson, P. M. 2006). The vision of the organization is to ensure that the accountancy profession is recognized globally as a leader in development of sustainable organizations, robust economies and performing financial markets. Need for Contingency planning Contingency planning is needed by the organization in cases of inevitable situations. Computer hardware for the organization might become faulty or stolen. The contingency plan is to insure the hardware and the benefit is that the firm can be compensated in case of occurrence of such inevitable situations. The organization needs contingency planning in data backup and procedures of its storage. It also needs to contingency planning to ensure that there is an office for emergency recovery in case of any risks. It also needs the planning in order to secure support for payroll and benefits of employees. In an emergency situation, the organization may need contingency planning in provision of information through development of emergency websites. Contingency planning has several advantages. It minimizes loss that would have otherwise been incurred by the organization. If data is lost by the organization, its recovery would prove a hard task to undertake. In the event that an organization experiences a disruption, be it a natural disaster or power outage, a contingency plan functions to minimize losses ascribed to production. The contingency plan may be comprised of emergency power generators, reroute data, employee escape routes, as well as supervisory duties ascribed to contingency members of the team. Operational plans that seek to ensure that production runs smoothly irrespective of unforeseen circumstances may potentially be the difference between a firm that ends up surviving a disaster and another that ends up folding. Associated costs may be ascribed to contingency planning as well as its maintenance; however, examined against the production loss, it is bound to be minimal. In the wake of a disaster outbreak, people end up panicking if an out and out action plan that can be followed is not in place. An elaborate contingency plan makes it possible for employees to make quick recoveries as opposed to awaiting instructions. With adequate knowledge regarding their plan of action, it is possible to maintain order. By averting panic, managers are consequently in a position to lay emphasis on recovery operations that seek to minimize loss. Development of a contingency plan Development of a full contingency plan is essential for the firm. Computer hardware owned by the organization in both the headquarters and the branch should be insured. Auditors of the organization need to push for their corporate clients’ profile to form part of contingency planning. The system should be backed up in tapes which must be put in safe places and under lock and key. The organization should develop a private backup site in a different location which could be beneficial in a disaster. Constant updates should be done to the contingency plans to ensure they function appropriately. This puts into consideration business continuity planning where security issues need to be addressed, such issues should eliminate virus attacks and ensure data encryption (Doughty, K. 2001). Data processing audit should be done for definition of a data processing system. Manual procedure should be provided to aid computer dependent users in easy use of the systems in case of an emergency. Data recovery applications and software should be developed to ensure that data loss does not affect operations of the organization. In a disaster situation, other equipment needs to be purchased. In regards to distribution resource planning, the organization needs to provide auditing services while taking into consideration safety levels. The organization should keep a list of potential vendors with all their details to make the process of replacement easier, this is in regards to business impact analysis. A calling emergency list should be put down in a safe place to ensure quick responses in disaster situations. The allowable downtime should be determined to ensure that there is a given period during which the organization can survive without computers. Policies and procedures The purpose of policies and procedures is to establish guidelines to be used for contingency planning. This is done to information systems which transmit sensitive information. Areas of operation of the organization shall come up with downtime procedures in order to maintain information systems (Waters, S., & Waters, S. 2009). Procedures should be reviewed annually as business practice changes, the procedures should also be updated annually. Critical applications’ identification should be done and ranked in order of priority. Maintenance of all equipment and supplies used by the organization shall be maintained. There must be a specification of whether frequent applications are stored in other locations. Alternative backup site shall be determined and its location shall also be determined. Operating procedures of the alternative site shall be prepared. Backup data delivery arrangement shall be listed and personnel identification should be done at the backup site. Recovery procedures shall be prepared and tested for contingency planning. Dating of the plans shall be taken and plans tested annually or when major changes of the application takes place. Policies and procedures play an important role in achieving contingency planning (Jackson, P. M. 2006). They assist in establishment of a fully incorporated contingency plan which cannot fail as an alternative plan. The policies and procedures help to ensure that information systems are secure and only accessible to authorized personnel. They help in conduction of business impact analysis which ensures that the organization continues in existence even after a disaster. In case of systems crush, the policies and procedures assist in determination of the best point to recover systems of information technology. They also aid in development of recovery strategies to be implemented in case of a disaster (Waters, S., & Waters, S. 2009). They help in determination of how often data and information should be backed up. They ensure that systems existing between the headquarters and the branch are efficient and reliable in aiding contingency planning. Implementation of contingency planning Implementation of contingency planning should be done in order to maintain business operations. Delivery of a minimum level service should be established by the organization to ensure successful implementation of a contingency plan. Once time periods have been defined for the contingency plan, implementation of the plans should be initiated. Potential employees should be put in charge of the implementation process in order to assist in the process of reporting. Once a simple plan has been put in place by the organization, implementation becomes easy to execute (Karlsson, M. 2004). Everyone’s needs should be put into consideration during the implementation process, this eliminates unnecessary complains during the implementation process. Training on the plan should be done to employees; this ensures smooth implementation of the plan as the employees will have full understanding of the plan. Management of risk assists in implementation of the contingency plan as the system will have been developed to curb the risks. The implementation process should be documented; this ensures performance improvement in identification of operational inefficiencies. Maintenance of contingency planning Maintenance of the plan should be done; this ensures that the plan is practical and relevant. The plan should be communicated to all employees of the organization, so that they have a clear understanding of the objectives of the plan. Employees in both locations of the organization should be informed of their duties and responsibilities regarding the plan. They should also be trained on how to fulfill their roles and responsibilities during the whole process of contingency planning (Pacifici, R. E. 2000). Disaster drills should be conducted where necessary and any major changes should be done. The contingency plan should be reviewed on a regular basis especially if there are major technological, staff, and operational changes. Revised plans of the organization should be distributed to every employee and old plans should be done away with. Copies of the plan should be kept off-site and they should be accessed easily and quickly. The plan should be audited periodically in order to reassess emerging business risks. Actual performance of the contingent plans should be compared to actual performance. Any changes should be made when appropriate recommendations of the system are done. Hypothetical scenario Considering a scenario where the branch of the organization is experiencing financial problems, a contingent plan can be developed. The branch might have contingent plans in respect to ways and means of getting finances in case of poor liquidity ratios. The branch of the organization as a way of response can call for impromptu general meetings where all the shareholders avail themselves for discussion of the agenda. Management of the branch may also communicate with immediate effect the issue at hand to directors of the organization at the headquarters (Pacifici, R. E. 2000). The management of the branch can call for an immediate audit of the current assets and the current liabilities to determine how they compare. The branch can recover through bank loans which are easily accessible once an application is made. The management of the organization might consider cost cutting measures; this will help the organization to save on unnecessary expenditure. The branch can rely on the organization’s headquarter for financial aid. This is beneficial to the branch as such financial aid is not accompanied by costs such as interests. Once the branch has determined the way forward, it can implement its decision by making formal arrangements that will initiate the process of recovery. Ethical concerns Integrity forms a part of ethical concerns to the organization. The organization should carry out its contingency plans with a high degree of honesty. The team leader of the contingency plan should perform his work with due diligence, responsibility and sincere truthfulness. The leader should be involved in any illegal activities as this may cause temptation to embezzle funds to be utilized for the contingent plan. The organization should be guided by the principle of objectivity (Pacifici, R. E. 2000). This makes sure that the leader is independent in performing duties related to contingent planning. Conflict of interests should be avoided when carrying out the plan as this will derail the implementation process of the plan. Confidentiality is also a major ethical concern as the leader needs to be responsible in regards to information related to contingent planning. The information should be kept confidential and should not be disclosed to outside parties without proper authorization. These concerns should be planned through aiming at achievement of high standards in contingency planning. Time and effort concerns should be addressed to ensure adequate planning resources are available. Ethical issues need to be critically analyzed to ensure proper practice of contingent planning. Conclusion Advanced planning is essential for proper execution of a contingent plan upto its implementation stage. During the establishment of contingent planning, individual responsibilities should be defined for everyone involved in the plan. Team leaders should be alerted immediately in emergency situations to ensure that proper actions are taken in time. The team leader should also inform the recovery team on new developments in regards to the emergency situation. Contingency drills should be conducted on a regular basis; this helps the recovery team with finding appropriate information which aids in emergency situations. Important jobs related to the computer system should executed first and less important jobs executed later. Employees need to practice with contingent planning so that they can be familiar with the system and take quick action in case of emergencies (Karlsson, M. 2004). When a cost benefit analysis is done on whether to undertake contingency planning, the cost of production of the plan is always minimal as compared to the benefits. In case of disaster occurrence, contingency planning helps in panic prevention. This enables employees of the organization to recover quickly in case of disaster occurrence. For successful organization of a contingent plan, an organization needs to determine its needs and choose a plan that will best fit its needs. Contingent planning has limitations to the effect that it does not frequently test realistic situations making it difficult to be relied upon. Maintaining the contingency plan is important since ensures that the plan is practical and relevant. The plan should be communicated to all employees of the organization, so that they have a clear understanding of the objectives of the plan. Summative, contingency planning is an important function of any organization. Planning involves resources such as time and money. The outcome of contingent planning is beneficial when compared to its cost. An organization cannot afford to ignore potential risks which are uncertain, it should have contingent plan just in case of an emergency. References Doughty, K. (2001). Business continuity planning: protecting your organizations life. Boca Raton: Auerbach. Jackson, P. M. (2006). Nonprofit risk management and contingency planning: done in a day strategies. Hoboken, N.J.: Wiley. Karlsson, M. (2004). Organizing technology planning: a contingent approach. Goteborg, Sweden: Dept. of Operations Management and Work Organization, School of Technology Management and Economics, Chalmers University of Technology. Pacifici, R. E. (2000). Theorizing the standoff contingency in action. Cambridge: Cambridge University Press. Waters, S., & Waters, S. (2009). The contingency plan. London: Nick Hern. Read More