Risk Management: Your Coffee Pot Is Dangerous

April 4, 2019       Darryl Canfield      

Threats to your organization can come in many forms. Sure, it can be a headline-grabbing storm of some kind or an attention-getting bomb threat, or perhaps a hacker. But it also can come in the form of something as seemingly innocuous as a power outage, water leak or coffee machine. And yet, three out of four organizations have no disaster recovery plan.

Chris Fink, vice president, support and implementation, for Arreva, and Ramona Dopps, data and administrative director at Ronald McDonald House Charities of Idaho, Inc., presented a session titled “Preparing for the Worst: Disaster Recovery 101” (#19NTCrecovery) at this year’s Nonprofit Technology Conference (NTC) in Portland, Ore.

Disaster recovery planning is part of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications such as networking, and other IT infrastructure.

    It’s important to set goals for operational continuity. When setting those goals, consider following:

  • Know your mission. Be clear as an organization about who you are and want you do. Knowing your mission is first because everything centers around that. Explain what you are and why your organization is important in just one paragraph.
  • Know your organization. Understand how your organization is structured and start from the top. Know and list all pieces both internal and external. Make this into a contact list with people, roles and responsibilities. Everybody is a key player when you are responding to an emergency.
  • Know which risks could affect you. Consider what types of risks could potentially affect your organization and what impact they could have to your operations, such as a flood, power, fire or loss of a vendor. Don’t just think about the types of disasters that make headlines.
  • Know your internal and external processes. Know what processes are critical to your success and why, then prioritize them. Also, be sure to look at external processes like your supply chain, such as power and telecommunications and logistics that are important to core work.