Lack of testing
In Part Five of our series about common IT oversights, we discussed the importance of investing in a business continuity plan so that, should anything happen, there will be minimal disruption to your work.
In Part Six, we look at the importance of testing your plan on a regular basis to ensure it is workable and that your staff understand what they will need to do in the event it needs to be implemented.
In a survey of law firms, PwC discovered that only 27% of directors were confident their IT disaster recovery plans would work; only 54% of senior managers said they’d participated in a crisis management exercise in the last 12 months; and 14% of senior managers had not participated in any exercise in the past 18 months.
Treat it like a fire drill
While it is fine to have a business continuity plan, if you’ve never tested it, you’ll never know! If you do not test it, how do you know what will happen and how long it will take your firm to get up and running again? It is a good idea to have different plans for different scenarios and test how long it’ll take everything to recover so you know it’ll take, say, an hour not a week!
When your firm has a fire drill, you’re doing a number of things – testing the reactions of staff, making sure everyone knows what to do and where they need to go as soon as the alarm goes off. In a crisis, humans go into fight, flight or freeze mode. Around 10% will run, 10% will help others and the rest freeze and wait to be told what to do – we know from experience that when a fire alarm goes off, most people just sit there doing nothing about it. That’s why your firm needs to have exercises on a regular basis so everyone knows what to do and when and will therefore react more quickly. In the event of a real emergency, this could potentially save lives.
When it comes to a disaster recovery plan, you need to know that everyone knows what to do and when and will therefore react more quickly. In the event of a real emergency, this could potentially save your law firm.