FOR many in Johor, Pahang, Kelantan, Penang and Kedah, 2007 will most probably be remembered as the year of the flood.

Even now as we are about to step into 2008, many individuals in the recovery process are having difficulty coping with the various problems such as loss of family members, damage to property and the sheer magnitude of trying to get back on their feet.

While Prime Minister Datuk Seri Abdullah Ahmad Badawi has directed relevant agencies to speed up the repairs of vital infrastructure, especially in the worst-hit areas, having business operations up and running immediately simply cannot be realised.

In today’s organisations, critical data and information resides on information and communications technology (ICT) systems. With power shutdown and water levels rising during the disaster, one can only imagine the extent of the damage – unless the respective entities have some form of disaster recovery and business continuity plan.

Research firm IDC’s survey on business continuity and disaster recovery awareness and adoption level in Malaysia released earlier this year cited that medium to large enterprises are most keen in the area with factors such as security concern, financial pressure, business resiliency, corporate reputation and productivity improvement as key drivers in increasing their awareness.

But the fact that companies here operate in a relatively disaster-free country and politically stable environment has made many complacent in thinking that they are safe from any form of disaster that could jeorpadise their business. Only after a disaster has struck do they look for business continuity management (BCM) solutions as a reactive measure.

While the effects of any threat or disaster cannot be eliminated in their entirety, the extent of the effects, the speed of recovery and the very survival of the company itself depend on whether the organisation has a comprehensive BCM framework, or for that matter, a basic mitigation plan in place.

Like in many other areas in the country, regulatory compliance may be the best means to encourage organisations to plan and implement a proper and workable disaster recovery infrastructure. But IDC said many respondents of its survey do not think that compliance is that important to influence the IT services spending of organisations. This kind of thinking needs to change, as organisations are answerable to their various stakeholders.

Already inundated with cyber threats and floods, who knows what other risks Malaysian organisations will face this coming year. It is now time to plan and act to make sure that it will be business as usual whatever the condition.

Happy New Year!