This essay discussed about contingency planning is important for organisations, but based on research, certain organisations did not take it seriously. Six academic journal articles and additional journal articles which are useful have been used to prove that contingency planning is important for organisations in the real world and also for supporting the topic to form stronger points. The discussion is to address how important is contingency planning for every organisation. There are also some results showing how the banks manage their contingency planning and how they treat contingency planning as an important task for their organisations. The other articles discussed contingency planning is not only important for organisation to save data and keep business running but also for human being. According to research, if contingency planning is managed properly, organisation are minimizing the risk and able to recover from disaster.
A survey of 27 organisations that currently practices with respect to IT contingency planning and security, its examines the role of management in planning and setting priorities for contingency planning, especially in those organisations that have specified that IT is important to them. The findings reveal that most organisations are inadequately prepared and fail to manage the issue seriously when things happen. Number of questions has been asked, and the result shows that only 5 of 27 organisations had comprehensive plans for both IT and business operations. This is a very low level of compliance and must represent an unacceptable level of risks. The question arise immediately is this just bad management or do these organisations not experience problem before. Contingency planning is certainly of a low priority, the result shows that 24 organisations for not having an IT and business contingency plans and others has no answer. As result, contingency planning is certainly of a low priority for these organisations. In my opinion, responsibility for such matters is generally at too low level in the organisation and this does not appear to be likely to change in the near future. Based on certain journal article, some organisation treated contingency planning as a serious plan and they also make use of contingency planning very carefully, such as banks.
Banking community has increased its dependence on computers, because computers can work faster compare to human being. This increase has also led to more types of incidence of disasters. Banks are prone to every conceivable type of disaster such as fire, blackout and terrorists attacks are all possible. Therefore, Federal Banking Agencies(FBA) recommend that all banks should manage a back-up computer centers as one of their main contingency planning. FBA also have developed a Electronic Data Processing(EDP) Examination Handbook to guide through the banks for creation of contingency planning. For example one of the sections of the handbook suggested all banks to have contingency planning for their hardware, documentation, procedures and contingency planning for recovery operations. If a bank has more than one CPU in different locations, the bank may be able to provide its own back-up in the case of power failure, fire or other building emergencies like 9/11. The next important phase is to have two copies of the current version and update it whenever changes are made. This shows the important of contingency planning for banks community, and also banks are under control by government to ensure they have certain contingency planning when unexpected disaster happens. In my opinion, contingency planning is a must for all big and small organisations, but based on research, most of the companies feel that a disaster is an academic and cannot happen to them, and they also find that contingency planning is expensive to build one and sometimes it may cause a lots of time.
In America, Office of the Comptroller of the Currency(OCC) examiners have hit hard on contingency planning since they realize that without a contingency planning a bank has a great weakness. The OCC's primary mission is to charter, regulate, and supervise all national banks. Their goal in supervising banks is to ensure that all banks are operating in a safe and sound manner. They have also improve their contingency plan from a method like banks should create a partnership with another financial institution to use their computer in case of disaster, but this are not useful anymore due to high demand of computerize usage for banks these days, therefore they have turned into full contingency plan and thus look at different scenario and how the contingency plan will serve them. Comptroller of the Currency examiners are trying to manage the banks to create a contingency planning by recognize the risks, evaluate them, and detail well how the bank plans to deal with disaster. Agencies are highly encouraging the organisations to have full contingency planning. As result, one of the good example is a large Minneapolis bank had a fire few years ago but it was up and running back after a week time since it has a good contingency plan that trained by Comptroller of the Currency examiner.
Another contingency plan option used by banks is mutual agreement. For example 10 banks in the Washington DC area, including Riggs National Bank, National bank of Washington, and American Security Bank formed Bancon.Inc and agreed to share check processing facilities in case a prolonged power blackout or machine failure caused the computer to break down at a member bank. One member, before the Bancon, had its check cashing computer out of action for 24 hours, which cost the bank about $30,000 in lost interest. The agencies and banking associations are promoting the important of adequately tested, detailed contingency plans via guidelines, publications, conferences and handbooks.
Some banks treat contingency planning not just about dealing with bank failures but also deposit insurer must also consider 'Business Continuity Planning(BCP)' to address unexpected events. BCP is made up of two major elements which is Disaster Recovery Plan(DRP), the plan that provides the processes on how to recover critical business operations from a disruptive even and Business Resumption Plan(BRP) is provides the processes on how to resume business from a disruptive event or transition from the DRP to normal business operations. They demonstrated that deposit insurer need to know full review and understand the mandates, powers and legislation under which a deposit insurer is established is required. It is because deposit insurance system is difficult to compare as they have varied mandates and powers that depend on their stated public policy objectives. But it is these mandates and powers that will determine the risks faced by a deposit insurer and its capabilities to address and mitigate those risks. In my opinion, contingency planning is essential for any deposit insurer because failures are costly and they are often unexpected when it is going to happen. In other hand, contingency planning can lead to more prompt and comprehensive action to resolve crises and can lower the costs of doing so. In addition, it may also help reduce the likelihood that a crisis will occur or reduce the amount of damage it may cause. To have effective deposit insurer, the organisation must develop contingency plans to allow customer to access their funds after a failure and conduct regular simulations to keep employee skills sharp.
Contingency planning are not only helps organisations to save data and keep profits running, but also human being. For example The World Trade Center(WTC) Disaster in United States. More than 18,000 people are saved from the WTC in one hour and 42 minutes. USA Today's () investigative reporters has made a research why so many people were able to survive in this case. Based on research, it is because both good design of contingency planning and emergency planning made an enormous difference on 11 September compare to Port Authority in response to bombings in 1993. "Planning is the key on reducing vulnerability, loss of life, injuries, and damage' say Look and Spennemann (2001) for the US National Parks Service. The best emergency plan or contingency plan is one that is comprehensive and understandable. It must involve the personnel of the company at all levels, and be easily understood by all employees, even those who have been with company just a short time.
Also, many organisations do not have contingency planning at the same time. Based on research, many CEO's of organisations turned around to their security directors and ask "Do we have a business contingency plan?" The CEO of International Corporate Protection in London, he was surprised at how many phone calls his company received after September 11 from risk managers and potential clients with no continuity plans in place. Based on his information, some organisations have ad hoc arrangements for contingency planning, and other companies set up contingency plans years ago, but have never updated them. One thing we need to take into concern is terrorism is a threat that is going to continue, albeit in different forms. The important thing to remember is the fact that it may not necessarily be you and your organisation that may be the direct target, but you could be affected collaterally, just like 9/11 case.
As seen after 11 September, Hurricane Katrina and other world disasters, a company that does not have contingency plans in place often becomes the victim of the disaster and never fully recovers. Many companies go bankrupt or close within the first year following a disaster. For example in UK, a 2005 study found that 36% of technology business did not have contingency plans in place and it failed at the end. In my opinion, if a company got a contingency plan and they know what measure to take, because managers have thought it through, managers can actually manage the risk rather than just saying "what do we do now" or similar. Sometimes contingency planning might expensive or need longer time to figure out, but if something serious happens, if company did not do any contingency planning, it could potentially amount to hundreds of thousands in damage to your company.
Contingency planning is also important for a country to develop to avoid infectious animal diseases. For example the legislation of the European Union requires that all Member States draw up a contingency plan for major infectious animal diseases with the aim of ensuring the country is prepared in a comprehensive way for an emergency. The World Organisation for Animal Health(OIE) has a website which contains contingency plans presented by a number of Member Countries on specific diseases including: African horse sickness, Classical swine fever, lump skin disease and so forth.
