Contingency
A contingency is an event that may occur in the future with possible positive or negative consequences for the company.
In other words, a contingency is a fact that, when it materializes, can improve or worsen the company's results. An example of the contingency can be a debt that does not yet exist. However, compliance may be required under certain conditions. It should be noted that it is important that the firm makes appropriate provisions for contingencies that may be negative.
One of the examples of the importance of contingency planning is the pandemic that happened in 2020. Back then, companies were hit with the restrictions on office work that forced employees to work remotely. Nevertheless, the working processes of some businesses could not fit into the remote mode, and the employers had to come up with other ways of preventing virus spread.
Any potential negative event in future that can cause problems to the company is referred to as contingency. This can be an economic crisis or any other disaster. Even though companies can plan contingencies, however, normally no one knows in advance what is going to happen in the world next. Things that can help business owners and investors to predict changes are proper analysis and implementation of various protective measures.
Financial managers conducting an analysis tend to use predicting models and assume the results to be a bit worse. This helps the company to be prepared for emerging difficulties.
How to get prepared for Contingency
In the context of crisis management, the contingency plan is a document that should allow an entity (government, community, institution, company, energy plant, hospital, school, public service, etc.) to function even in the event of a disaster or major crisis, even if it is in "degraded mode". Its’ purpose is to anticipate an event that seriously disrupts the normal organization of the entity and to put in place a strategy to limit its impact.
The continuity plan is a strategic document, formalized and regularly updated for planning the response to a disaster or serious loss. It is increasingly associated with an information system1. In some areas, there may be several continuity plans, each dedicated to a business line, with the essential activities clearly identified. The creation of a business continuity plan is generally the result of an analysis in a work group, bringing together the different skills of the company.
To create the most effective contingency plan, large companies typically use the rules outlined below, with some minor variations.
First of all, it is essential to identify all the organization's business processes. Then there is a need to evaluate the impacts on the business, that is, for each process identified, evaluate the impact that its failure represents to the organization, also taking into account the interdependencies between processes. As a result of this work it will be possible to identify all processes critical to the organization's survival.
Then goes the identification risks and definition of possible failure scenarios for each of the critical processes, taking into account the probability of occurrence of each failure, the probable duration of the effects, resulting consequences, inherent costs and the maximum acceptable limits of the failure's permanence without the activation of the respective contingency measure.
After that, managers have to identify measures for each failure, that is, list the measures to be put into practice should the failure occur, including even contact with the press.
This also includes definition of actions necessary for the operationalization of measures whose implementation depends on the acquisition of physical and/or human resources (for example, acquisition of a generator and fuel for an electrical power contingency system).
It is also crucial to estimate the costs of each measure, comparing them to the costs incurred in case the contingency does not exist and to define a form of monitoring after the failure as well as to define criteria for activation of the plan, such as maximum acceptable time of permanence of the failure. Besides that, there should be a person responsible for activating the contingency plan. This person is usually chosen among high hierarchical level employees in the company.
Furthermore, contingency managers need to identify those responsible for putting the defined contingency measures into practice, with each element having formally defined and nominally assigned responsibilities. There should also be a nominally defined replacement for each element. Everyone must be familiar with the plan in order to avoid hesitation or wasted time that could cause major problems in a crisis situation. The responsible team must have the ability to make decisions when faced with unforeseen or unexpected situations, and the limits of this decision-making ability must be defined in advance.
Lastly, it is important to define how to restore the business to its normal way, in other words, when and how to leave the contingency state and return to its normal operation state, as well as who is responsible for these actions and how this process will be monitored
Classification of Contingency plans
Contingency plan making is a widespread practice among companies, governments and other legal entities. These plans usually include risks associated with politics, economic situation, investments, commodities, etc.
Assets protection. This refers to the insurance that can cover unexpected expenses in case of negative contingency occurrence. Such type of assets is called contingent and benefits its’ owner assuming a negatively effecting event happens in future.
Investing strategies. It happens so that investing can bring not only profit but also potential losses. There are multiple ways of capital protection that investors commonly use. Stop-loss order is one of them. It prevents losses by exiting a position when it achieves a certain price level.
Asset diversification is one of the main rules of any exchange trading. Diversification is reached through the investment in different types of assets representing varied spheres. Method of diversification helps to reduce risks if the value of one of the assets declines.
Business continuity plan. It is a set of documents that allows to create a business continuity plan for a company if negative events occur. The result is the achievement of a state in which there is no interruption of activities and the operability of information systems.
The main components of this process are:
- incident management;
- business continuity & disaster recovery management;
- crisis & emergency management;
- business recovery.
Incident Management. This is the operational level. At this level, we consider the complex management of internal and external incidents of high and medium probability of occurrence, for example, fraud, human error, equipment failure. The task of incident management is the restoration of minimum functionality in minimum time as well as timely incident identification and classification.
Business continuity & disaster recovery management. This is the tactical level. In fact, at this level, potential damage is estimated and measures preventing it are created. Despite the low occurrence probability of such events, damage can be significant, it can even lead to bankruptcy.
Crisis & emergency management. This level looks at how to activate plans during the crisis, and make quick decisions before the crisis is over.
Business recovery. This level helps to return to normal operation, fulfillment of tasks which were delayed during the crisis. It also includes compensation of losses, analysis of what happened, and preventive measures.
Cybersecurity contingency. Cybercrimes often take place during the crisis. The aim of criminals is to steal data or to frustrate company’s operations. That is why businesses often develop contingency plans for cybercrimes. They protect companies from cyberattacks and criminals’ threats.