Stuff happens. Good stuff, but bad stuff too. For SMMEs, disasters, strikes or shortages can be, well, disastrous. It’s therefore necessary to build internal resilience to ensure the longevity of a business during stressors such as civil unrest, floods, or global economic constrictors such as the COVID-19 pandemic.
Stressors affect SMEs deeply because they often don’t have the backing or resources that large corporations have, but because they are the lifeblood of the economy, the impact spills over to the rest of the country. Building resilience in this context means that entrepreneurs have a plan in place that they can use to recover from challenges such as these.
What Does Risk Management Mean?
Risk management for a business relies on four key steps that help reduce the impact of threats on your business’s existence or operation. This process identifies risks, develops a plan that helps mitigate these threats, implements it through training, and assesses the implementation and possible improvement.
A report released by The South African Cities Network, Resilience of SMMEs in South Africa: A Framework for Understanding and Mitigating Exposure to Shocks and Stressors, points to the fact that SMMEs have limited infrastructure and insufficient risk management capabilities. It highlights that the amount of risks a business is exposed to has a direct impact on its vulnerability, but businesses that are able to adapt in stressful situations have a reduced risk. Furthermore, the report proposes that SMMEs need a multifaceted framework that focuses on risk prevention, mitigation, and adaptation strategies.
Creating Resilience for SMMEs
Resilience for SMMEs isn’t about how strong you can withstand the blow when it hits, but rather how quickly you can adapt and bounce back. This is why a robust plan that addresses each threat is so vital.
Take note: A threat is always an external element that you cannot control, and can severely impact how your business functions.
1. Identify Threats
A few examples of threats include:
- Natural disasters such as floods, tornadoes, earthquakes, wildfires and hailstorms.
- Global health crises such as pandemics and outbreaks.
- Political instability is causing war and civil unrest.
- Infrastructure failure, such as loadshedding, stolen railways and roads that have fallen into disrepair.
- Criminal activities such as theft and cyberattacks.
Above are just a few of the real challenges that South African SMEs face. However, other risks may also exist that are specific to each business.
2. Develop a Plan
When developing a disaster recovery plan, you must understand how each will affect the business, in particular, the knock-on effect of each event. For each repercussion, you need to have a solution in place.
Start by looking at the most severe aspects that affect your business the most severely and what is most likely to happen. For instance, a cybercrime is more likely to occur than an earthquake that demolishes your entire business.
Next, formulate strategies that address the various scenarios with clear, detailed outlines of the procedure to be followed.
Lastly, if you don’t have insurance policies, assess if they provide sufficient coverage for such an event, or obtain the right cover.
It’s important to note that insurance might help correct physical or financial damages, but these are not the only concerns that should be addressed. Consider elements such as fire safety, an evacuation plan or creating regular back-ups of important files to store off-site and offline so you may be able to recover from a cyberattack on cloud servers. You might also need to consider your approach to maintenance, as poor maintenance can also be a threat. Although you can control maintenance, you can’t control when bad weather may cause damage that could have been prevented through proper maintenance.
The aim of every plan is to:
- Keep employees safe.
- Secure dangerous objects and chemicals.
- Keep your business running.
3. Implement the Plan
It is not enough to have a strategy written down somewhere on a piece of paper and have it filed somewhere. You need to implement the plan. This means all employees across the board need to understand what the plan is, how to execute it, and when to act. Ideally, you need to practice plans and run through these scenarios with employees.
You may also want to consider erecting a crisis management team, as well as a crisis communications team.
4. Continual Assessment and Updating
Any plan or strategy that is created needs to continuously be updated to ensure its accuracy and relevance over time. As new technologies, teams and environments change, every plan should be updated to reflect this.
