Becoming prepared is an ongoing process of making improvements over time. You can start with learning best practices and incorporating processes that consider your critical operations. This could include protecting client data, establishing alternative methods of communication and routinely evaluating insurance policies and coverage. Depending on the goals of your practice, you may continue to prepare through third-party certification.
First Steps to Preparedness
- Evaluate the critical areas of your firm (clients, staff, data files, facilities) and assess what the impacts to those areas would be if disrupted by a range of hazards (i.e. natural disaster, terrorist attack, flood, fire).
- Take a candid look at procedures/best practices you have in place for handling those potential impacts.
- Consider your firm's missions, internal resources and departments and choose a path best suited to your goals: best practices, preparing to a standard or third party certification.
- Assess how the firm's internal practices align with the chosen route of preparedness.
- Develop a plan to continually maintain and strengthen the firm's state of preparedness.
Links to Standards
Please Note: When clicking these links, you will be exiting the Federal Emergency Management Agency (FEMA) web site.
- ASIS International SPC.1-2009, Organizational Resilience: Security, Preparedness and Continuity Management Systems – Requirements with Guidance for Use Standards
- ISO 22301:2012: Societal security -- Business continuity management systems
- NFPA 1600: Disaster/Emergency Management and Business Continuity Programs, 2013 edition
Notices of other opportunities to engage will be distributed through many sources, including FEMA's Infrastructure Protection Directorate and the DHS Private Sector Office. Anyone may subscribe to these updates from the FEMA.gov and FEMA.gov/privatesectorpreparedness webpages. Interested parties are encouraged to monitor these web pages for program updates.