Most business leaders you speak to would agree that corporate social responsibility is important. Some would rattle off a long list of things they believe their company does — from saving energy with green buildings to empowering employees with donation matching, fundraisers and volunteer work that helps charities. But is this really enough anymore?
In our hyper-connected world, CSR is no longer about just doing good. Now there is a wider responsibility that companies have toward employees, customers and the community to minimize risk. Companies must consider the added responsibility to securely hold customer data and prevent it from getting into the wrong hands.
If we are prepared to put time, effort and money into helping others, why can’t we be more responsible to our customers and employees and take steps to ensure our companies are resilient?
Changing focus of CSR
In the age of social media and the 24-hour news cycle, CSR has taken on a whole new role in society. Companies have gone from providing reactive help when issues arise to being actively involved and leading the way in social and political movements. Personally, my mantra has always been to encourage each individual employee to pursue their CSR passion, and we at Zerto support them with matching funds, time out of the office to pursue activities that are meaningful to them and any other support they may need.
Consumers look to companies like Amazon, Facebook and Nike to not only get the latest deals on shoes and order anything they need for delivery in 24 hours but also to understand what they stand for. This has become more important in the competitive business landscape where people make buying decisions based on the political stance of a CEO.
This evolution from simply doing good to being judged publicly for it is also seeping into other areas, specifically resilience and a company’s ability to withstand disruptions.
Resilience as a key part of business today
To most people, recovery often looks like communities coming together to provide shelter, food and water and guidance after a tragedy. These are the times when companies are judged on their kindness and compassion toward employees, their families and the local community. But these initial pictures that flash across the screen on the news are simply the beginning stages of a bigger resilience plan.
As the CEO of a company that specializes in disaster recovery and data protection, I know that business resilience is a strategic approach to risk management that integrates with many different departments and teams throughout an organization so that it can provide continuity in the face of all types of risk. This means adapting to new environments or circumstances following an incident (e.g., a natural disaster, a cyberattack or a disruptive technological advancement that causes economic or market disruptions). This is where business resilience plays a key role.
A true business resilience plan begins with:
• A continuity plan that responds to all identifiable and likely operational disruptions. This should explain who is involved, what steps they should take and provide checkpoints along the way.
• A parallel disaster recovery plan helps to recover from the disruption. This should provide step-by-step instructions for everything from getting IT back up to quickly repairing buildings and workspaces after any damage. A key to ensuring this is a success is including contact information of all third parties involved in the reboot process so they can be contacted quickly.
• A value protection plan that engages shareholders and customers to ensure they understand the situation and feel confident in the resilience of the company. Clear, concise communication is key to guaranteeing steadiness throughout the process.
• A post-disaster plan that wraps into the CSR activities and builds positive momentum after any disruption or disaster. This piece of the puzzle is often forgotten, but to fully recover, this is a key step.
Having each piece of this plan in place is a great first step, but without regular review and testing, there is no real way of knowing if it works. Organizations should review business resilience plans at least once a year, at a minimum, especially if they change location, add new suppliers or significantly change the makeup for the business.
The intersection of CSR and business resilience
As many companies have found themselves being ranked against others for CSR activities in recent years, business resilience is going to begin playing a key part in this public persona for many reasons.
As cyberattacks and ransomware are now part of the public sphere and making headlines on what seems like a daily basis, business preparation and resilience in the face of a breach is becoming a key differentiator in brand reputation and business longevity. As such, there is a strong argument for cybersecurity — and resilience after an attack — to be a key component of CSR.
Looking outward a bit more at something like natural disasters, community resilience should also factor high in a company’s CSR initiative. Should they feel the impact of a hurricane or earthquake, is the company prepared to not only revive its working environment and support its employees but also support the wider community? Depending on the size and influence of the company, many in the surrounding area will look to them as leaders in the rebuilding and recovery efforts.
This idea of community resilience can spread from the streets around an organization’s office to the whole country. For example, Airbnb recently offered up many of its rental properties free of charge to those evacuated from Hurricane Florence.
CSR and business resilience go hand in hand as the influence of corporations continues to grow — often outside its primary business. Advocating for social change, being prepared for climate-related challenges and leading employees, customers and communities through any disaster are tenets of resilient corporations. These initiatives need to be led from the top with the understanding that good business practices can also impact the greater good.
The author Ziv Kedem is Founder and Chief Executive Officer for Zerto, responsible for leading the company’s corporate direction and vision.
Views of the author are personal and do not necessarily represent the website’s views.
Thank you for reading the column until the very end. We appreciate the time you have given us. In addition, your thoughts and inputs will genuinely make a difference to us. Please do drop in a line and help us do better.
The CSR Journal Team