News and Information about the nonprofit sector in Massachusetts. Check back frequently to keep informed.
January 20, 2022
Planning for a Disaster Means Planning for Continuity
By Matthew Putvinski

Matthew Putvinski
Matthew Putvinski
When disaster strikes, nonprofits that are able to reopen operations, provide their services, and fundraise quickly will remain stable and operational. Take steps now to refine your disaster preparedness and continuity plans in order to avoid long-lasting harm to your organization and community.

The tornadoes that recently struck western Massachusetts are a reminder that disaster can strike any time and cause great chaos to people’s lives, businesses, organizations, and the economy.

But disasters aren’t confined to earthquakes and tornadoes; a burst pipe flooding an office can be a major crisis for an organization of any size. That is why every organization must put in place a plan for the unexpected. Think of it less as "disaster planning" and more as "continuity planning” #147; implementing best practices to ensure your organization survives any type of interruption.

A solid continuity plan should be comprised of these important steps:

Step 1: Plan for Your People

The confusion following an interruption can paralyze staff. Make sure key leaders are clearly identified and chains of command are established so everyone knows who has decision-making authority.

Having an up-to-date call list is invaluable. Ensure that it's readily accessible in multiple places and contains contact information for all staff, board members, key donors, and important vendors.

Next, establish functional groups and group leaders to cover key operational areas. To account for employee turnover or unavailability, consider assigning tasks by position rather than by individuals. These teams should be organized along the lines of management, information technology development ,and administration and they should focus on restoring continuity in their areas.

Step 2: Back up Your Data Regularly

Organizations with the foresight to perform regular data backup are in an excellent position when it comes to restoring key functions following an interruption. Data you might to back up include financial data, key human resources files, donor information, custom software, contracts or other legal documents, databases, insurance files, and computer system backups.

After determining which records are important, select one of these methods for protecting and/or reproducing the information:
  • Automatic backup: Your office computer system should be backed up daily and regularly rotated to a data storage provider (either an offsite physical facility or an online provider).

  • Onsite/offsite storage: Critical records that need to be accessed regularly can be housed onsite in fire-resistant safes or cabinets, with a duplicate copy (either a hard copy or scanned to a CD/DVD) secured with an outside record-storage company.

  • Offsite storage: Records that are critical but seldom used should be stored offsite in a safety deposit box or storage provider.
Step 3: Create a Plan for Resource Retrieval

You'll need more than just files and data to restart operations. Remember laptops, computer disks and hard drives, ledgers, checkbooks and work in process.

Because authorities may limit access to your office even after the crisis has passed, create a list of key resources you would want to retrieve if you were granted just 15 minutes to get them. On your retrieval list, include the name of the item(s), their location, and a ranking in order of their priority/importance.

Step 4: Build Some Reserves.

Interruptions can cost you a good deal of money. Make sure your organization has an operating reserve #147; a nest egg that will see you through a really "rainy day." Establishing a reserve can be as simple as opening a separate reserve account. You may want to have your board draft a governing policy that specifies the desired size and rules for use of the reserve, including guidelines for replenishment.

Matthew Putvinski CPA, CISA, CISSP, serves as director of Wolf and Company's Information Technology (IT) Assurance Services group. He can be reached at or 617-428-5479.
June 2011
SUBSCRIBE FREE – Keep current with the Wednesday Report emailed to you free each week. Click here.
Got news, advice, resources? Send it to