The world has learned some hard lessons in the aftermath of devastating events such as the earthquake/tsunami in Japan, but what has the contact center industry taken away from such cataclysms? The devastation caused by terrorist acts or acts of nature can be crippling, but business stoppage can also be caused by illness, labor disputes, computer viruses, and technical glitches.
If contact centers fail to implement an effective Business Continuity Plan (BCP) or Disaster Recovery Plan (DRP), they can face staff attrition, loss of business, and even closure.
It is important to understand the differences between the two:
- BCPs are a series of plans created to respond to things that could potentially happen on any given day such as a computer virus, a swathe of illness amongst agents or a power outage.
- DRPs are usually enterprise wide, “big picture” plans designed to respond to major events that will power down businesses for an extended period of time, like a hurricane or debilitating flood.
It is human nature to take a stance of “that happens to someone else, not me” when thinking about disaster. But, in recent years, “someone” has become “everyone” and contact centers need to be ever vigilant and prepared for loss of (among other things):
- Incoming Calls
- Network-based Information
- Physical Connection from the Network
- Database and Information Systems
- Agent Workstation
- Local Area Network (LAN)
- Access to the Facility
- Hardware/Software Resources
- Network Infrastructure
The last thing contact center personnel will want to think about in the midst of dealing with disaster is if the operation is still functional. Customers, however, will still be calling for assistance and will expect someone somewhere to service them.
Many perils cannot be predicted, but having well planned and up-to-date BCPs and DRPs in place, and ensuring that staff is properly trained on their implementation, can help mitigate downtime and customer dissatisfaction. Demonstrating to clients that such systems are integrated into daily operations can add to a center’s credibility and client loyalty.
The first step would be to conduct a Business Impact Analysis (BIA), which will help the RMT to identify where core vulnerabilities are, and to strategize on how to best minimize the impact of those risks. An accurate BIA can be used as a tool to evaluate key operational issues and prioritize recovery efforts by assessing (at the basic level):
- The information systems and processes that are essential to the survival of the organization;
- Interdependencies between different information systems and processes;
- How long it will take to recover crucial information systems and processes before significant losses occur;
- Assignment of specific recovery duties to different personnel;
- Establishment of automated responses; and
- The prioritized order in which information systems and processes need to be recovered.
Components of a BIA
Organizations should first assign someone within the company to lead the BCP and DRP strategies. Consider utilizing the services of a Risk Management firm to oversee the entire process, but be sure to have a point-person within the contact center to coordinate internal efforts, and interface with the consultants. This individual needs to have a very good understanding of all the contact center’s operations, along with the trust and confidence of each department. Whether or not an outside company is engaged, it is also recommended to form a Risk Management Team (RMT) of at least three members who have the analytical and interpersonal skills required to effectively manage this process. The RMT should develop a realistic timeline for the project, being sure to keep meticulous records as the process develops and phases are completed.
It is critical that senior management support all efforts made by the RMT, otherwise, the endeavor will fail as has happened time and again in businesses of all sizes. Remember, this proactive approach will assure clients that their customers will be taken care of even at the worst of times.
Acquisition of Information
Before compiling the information, the RMT should determine what analysis methodologies and tools it will use to analyze all of the data.
During this phase, the RMT will look at every aspect of the call center operation, and compile as much information as possible from all departments, including:
- Descriptions of information systems and processes
- How each system is inter-related
- The expected costs of downtime
- The risk mitigation measures already in place (i.e. data backup, rolling calls to another location that can service the customers, etc.)
- The estimated length of time it will take to start operating given a specific cause of loss (i.e. computer virus, flood, fire, hurricane, etc.)
Analysis of Information
The first step is to double and triple check that all of the information compiled is correct. Failure to do so will result in an inaccurate and ineffective BCP and DRP. A flow chart or other graph is a good tool to use to illustrate the interdependencies of each department and functionality. An initial BIA can be drafted and circulated amongst managers for review and commentary. The analysis should then be adjusted based on the responses.
Preparation of Formal Report
The formal report that will be presented to senior management by the RMT should include:
- Executive Summary
- Methodology of Data Compilation and Analysis
- Summary of Findings
- Detailed Findings (by department or functional area) to include the expected impact of different events on safety, finances, marketing, public image, legal compliance, client and employee retention
- Graphics to illustrate potential losses (i.e., income, staff, data, clients)
- Recommendations, including where funds should be allocated
In Part 2 we will discuss the design and implementation of effective BCPs and DRPs.