Issue link: https://iconnect007.uberflip.com/i/1243344
74 SMT007 MAGAZINE I MAY 2020 2. Probability of Occurrence: Consider having five levels of occurrence (90% = very likely, 75% = likely, 50% = possible, 25% = unlikely, 10% = very unlikely). 3. Impact of Occurrence: Consider having five levels of impact (5 = severe impact, 4 = high impact, 3 = moderate impact, 2 = limited impact, 1 = insignificant) 4. Risk Mitigation Plan: Prepare a specific action plan to prevent or minimize the risk from occurring. 5. Recovery Plan: Prepare a recovery plan to remedy adverse outcomes when risk occurs. 6. Leadership: Clearly identify responsible individuals within the organization to lead risk mitigation and recovery plans to address a specific risk. 7. Reference Documentation: Reference existing procedures, standards, manuals, or other documents that provide supple- mental information to help with risk mitigation and/or recovery plans. SMT007 Author's Note: Fundamental concepts and methods illustrated in this column were derived from the following books: 1. Business Continuity Management: Global Best Practices, 4th Edition by Andrew N. Hiles and Kristen Noakes-Fry 2. The Power of Resilience: How the Best Companies Manage the Unexpected by Yossi Sheffi 3. Crisis Management: How to Develop a Powerful Program by Regina Phelps Alfred Macha is the president of AMT Partners. He can be reached at Alfred@amt-partners.com. To read past columns or contact Macha, click here. 5. Supply Chain: Securing a supply chain to meet current and future business demands is paramount. Identify all key vendors and possible new vendor qualifications to con- firm that the supply of components, raw materials, and sub-assemblies is secure to ensure continuity of your operations. 6. Information Systems: Develop a solid data storage back-up system and establish external support to maintain your informa- tion systems. The ongoing development of information technologies requires partner- ing with a reputable vendor that can sup- port your information technology systems as new software applications are made available. 7. Customer Management: Develop cus- tomer management processes to secure key accounts for your business. Include a business development plan to acquire new strategic business for future growth. Disaster Recovery Disaster recovery planning is risk-based and can have multiple factors to consider. The recommended approach is to prepare a table based on specific risks and define a risk mit- igation plan to address each risk. Consider using Table 1 as an example. 1. Risk: Identify risks that could affect your operations. Common risks include: • Supplier ABC obsoletes a particular component • The company email or intranet is disrupted • An employee with unique skills or knowledge leaves the organization • Equipment failure of specialized technology • A key customer moves manufacturing orders to a competitor Table 1: Disaster recovery planning.