Are You Ready for COVID-19? How to Conduct a Risk Analysis During a Crisis

March 6th, 2020   |     |  security & compliance

COVID-19 is in the headlines today. People are talking about it everywhere. Everyone is stocking up on supplies to prepare for the worst. Unfortunately, COVID-19 isn’t the only or last threat your business will have to contend with, so it’s important to think through a holistic business continuity and disaster recovery plan. A business continuity plan outlines what needs to be done in case an unexpected event occurs: a natural disaster, a pandemic, an economic crisis, or a data hacking incident.

Our customers’ security and peace of mind is of paramount importance to us. Two of our main values are Security First and Customer Focused. Not only do we want to assure our customers that we have business continuity plans in place for the OneLogin platform, but we also want to help our audience develop their own disaster planning strategies. If you want an in depth view on how to develop a business continuity plan, download our new ebook.

Conducting a Risk Analysis

The first step to developing your business continuity plan is to conduct a risk analysis. Bring together cross-functional stakeholders to help identify points-of-failure within your organization and issues that you need to address. You and your team can then prioritize the risks based on potential business impact.

During your risk analysis, identify critical buckets of risk that exist across your organization that you will need to address in the event of an emergency.

Here are the major buckets to consider:

  • Human — how will your business be impacted if there is an illness, death, or a critical individual is unable to continue work? Additionally, how equipt are you as an organization to conduct business remotely if necessary?
  • Operational — how will the threat impact the physical operations of your organization? How will facilities be impacted? Will there be issues with distribution?
  • Technical — will your business be impacted by failures in technology? Either technology failures in business-critical applications or technology failures in your own products?
  • Financial — will you be able to continue generating revenue and keeping your customers happy? What about stock market fluctuation or other financial issues impacting your ability to continue operating?
  • Security — what security issues are you vulnerable to—whether physical or virtual—and do you have the right safeguards in place? Communication — do you have contingency plans in place for communicating with each other, your employees, your customers, and other stakeholders?


In order to determine whether you have a cohesive list, ask other team leaders what they suggest and what functional risks they might have. Once you have your initial list of potential threats sit down as a team to discuss the priority and impact of each bucket to the business. Consider creating a matrix that maps scenarios based on probability of occurrence and overall impact.

Your risk analysis is the first step to outlining an actionable plan to help your business remain operational during a crisis. Once you have determined the highest impact risks, you and your teams need to sit down and develop a framework around how you will ensure redundancy, workplace productivity, security precautions, and potential technical failures.

For more details on how to develop a plan you can operationalize, download our ebook How to Develop a Business Continuity Plan.

Alicia Townsend, Dir. of Content and Documentation
About the Author

For almost 40 years, Alicia Townsend has been working with technology as both a consultant and a trainer. She has a passion for empowering others to use technology to make their lives easier. As Director of Content and Documentation at OneLogin, Ms. Townsend works with technical writers, trainers and content marketing writers to inspire and empower everyone to take advantage of what OneLogin’s platform has to offer them.

View all posts by Alicia Townsend

Alicia Townsend, Dir. of Content and Documentation
About the Author

For almost 40 years, Alicia Townsend has been working with technology as both a consultant and a trainer. She has a passion for empowering others to use technology to make their lives easier. As Director of Content and Documentation at OneLogin, Ms. Townsend works with technical writers, trainers and content marketing writers to inspire and empower everyone to take advantage of what OneLogin’s platform has to offer them.

View all posts by Alicia Townsend

Secure all your apps, users, and devices