Don’t Panic! That’s the maxim of the “Hitchhiker’s Guide to the Galaxy,” and sage advice for these extraordinary times. By not panicking, you can keep your wits about you and react to what’s going on now, and also prepare for the next time. It is also important to stay as positive as possible, as recent events have almost undoubtedly rattled everyone, and it’s still critical to understand and treat them well.
It’s important for your enterprise not to panic. Now, more than ever, Business Continuity and Resiliency (BC&R) is critical to the business. It’s easier to not panic if you have a plan—and processes—in place for handling unusual interruptions in your day-to-day business. Even if you cannot plan for every eventuality (and you cannot), you can still have a remediation process to have the organizational resiliency and capability to maintain business continuity during those interruptions.
So how does this translate into something you can do now, or for the next big unexpected thing? You can begin by understanding what’s of strategic importance to the organization, and connect that to execution (to processes; to what you do). You can manage the strategic Capabilities of your organization, and how they relate to Processes, Products, and/or the Business Services that your organization delivers to your customers. You can put in place, or enhance, planning models for enterprise Risk, Compliance, Remediation, Business Continuity, and Resiliency processes. If you want to compare your processes with industry best-practice standards, the APQC Process Classification Framework (PCF) has defined processes and sub-processes in this area. In fact, they have produced a COVID-19 Organizational Survival Guide for these extraordinary times.
A key focus area in the risk and compliance side of the equation is to identify Risks to your enterprise, and either Controls to mitigate those risks, and/or Opportunities (the potential reward when taking on a risk) to capitalize on. Risk assessments help you understand which processes are at risk, so you can develop contingency plans or solutions. Risk analysis usually focuses on two variables: likelihood and impact. An item that is unlikely to happen or wouldn’t be terribly disruptive may not warrant much process improvement or contingency planning models. With your processes defined and analyzed, you can begin to assess whether each risk is significant or negligible. For each risk, it helps to understand its frequency, predictability, onset (can you see it coming, and how quickly will the issue become critical?), duration, etc. Once risks are identified, you can determine how those risks will affect your operations, implement safeguards and procedures to mitigate the risks, test those procedures to ensure they work, and ensure the process is up to date, understood, and used by everyone that must perform that work.
Of course, to identify risk and control on your processes, you must have documented those processes in the first place. Simply documenting your processes (and procedures or policies) helps with continuity and consistency. Process documentation provides step-by-step guidance on how to execute work. This means people can step into roles as needed because they have the information to do the job. Speaking of which, understanding who is in the ‘line of succession’ or is critical to the performance of a process, will help you understand what must be done in unusual circumstances. In addition, if you have documented which processes are critical, it is easier to prioritize the processes needed to deliver value and are essential to focus on during unexpected events. For example, even using process categories such as whether they are strategic, tactical, or operational/transactional can help you understand the frequency of a process and how it contributes to your enterprise. Given the probable resource constraints enterprises are now facing, and the need to change your processes to maintain social distancing, it is likely that you will want to accelerate your digital transformation and automation efforts in the context of understanding which processes are critical. Process documentation helps you accelerate these automation efforts because the current state is already captured.
Understanding, modeling, and reporting on your enterprise doesn’t stop at Process and Risk/Control information, of course. Understanding infrastructure, whether that’s IT Architecture (Applications/Systems), or actual physical locations (from region/country all the way to specific campuses, buildings, rooms or equipment), is important to understand the impacts on your ability to execute the work of the enterprise. Knowing your work products (e.g. process outputs), what produces them, and where they’re produced can help identify critical points in your Supply Chain and the resources needed to produce them. This becomes critical information for events that can disrupt the normal flow of operations.
The iGrafx Platform is ideally suited to address what I’ve mentioned above. You can document, analyze, improve, and manage your processes; knowing they are approved and accessible to your enterprise. You can define your strategies and goals, tie them to business capability and your products/services, and even the customer’s journey and where they interact with you. You can perform risk and opportunity management, ensuring controls and resiliency processes are in place and understood, and ensure you have identified who is responsible or accountable for handling business continuity and resiliency. You can report on the information above, across your enterprise. Armed with information about what you do, what’s critical to keep doing, and who needs to do it, you can avoid panic, and get to the business of treating everyone well now. You will also be ready for the next big thing—positive or negative—that comes along.
And finally, I’d like to invite you to download our latest webinar with iGrafx CTO, Ed Maddock, where he discussed effective business continuity and resiliency. Ed explained why process-centric business modeling is needed now more than ever, and gave specific use cases around providing visibility into strategy, supply chain and people planning.