Despite the man-made and natural disasters that are a reality today, many North Carolina businesses are not fully prepared to maintain their business operations in the event of an emergency, according to an annual study on business continuity and disaster recovery preparedness for U.S. businesses in the private sector.

According to a survey of 500 North Carolina information technology executives at companies with $10 million in revenues or more, nearly one in five does not have a business continuity plan developed. Additionally, a quarter of businesses in North Carolina do not consider business continuity planning a priority, according to the survey.

"By now, most North Carolinians have heard how important it is to make a plan and gather supplies to prepare their families for all types of emergencies from hurricanes to tornados to winter storms," said Bryan Beatty, Crime Control & Public Safety Secretary for the state of North Carolina. "But it is just as important for local governments and businesses to make plans for their continued operation in the event of a natural or technological disaster. Disrupted business operations impact employees, as well as their families, customers and the community. I encourage all businesses and local governments to develop and implement plans to provide for the safety of their employees and continued operations following an emergency."

AT&T's Business Continuity Study in North Carolina surveyed 100 information technology (IT) executives in the metropolitan areas of Charlotte, Raleigh, and Greensboro, N.C.

The 2008 AT&T Business Continuity Study found that business continuity planning is seen as a "priority" by three out of four (75%) IT executives in the North Carolina markets surveyed. Half (51%) indicate it has always been a priority for their business, and one-fourth (24%) indicate it has become a priority in recent years due to natural disasters, security, and terrorist threats.

But while business continuity planning is considered important to most North Carolina companies in 2008, among businesses with revenues of $10 million or more, a sizable number of companies either do not view business continuity planning as a priority or do not have active plans in place.

  • One-fourth (24%) indicate business continuity planning is not a priority at their company.
  • One-fifth (18%) do not have/don't know if their company has a business continuity plan.
  • One-fourth (26%) indicate that cyber security is not part of their overall business continuity plan or don't know if it is or not.
  • One-third (31%) have not prioritized and set target recovery times for key business processes or don't know if this has been done.
  • One-fifth do not have/don't know of special arrangements for communicating with key executives in the event of a natural disaster.
Furthermore, a majority of companies have had their business continuity plans updated in the past 12 months. But less than half (have had them fully tested during the same time period. While only 2 percent indicate that their plans have never been updated, 12 percent indicate they have never been tested.

"Businesses of all sizes need to be vigilant about continuity planning, especially in light of how the day-to-day demands of serving customers require an ever-expanding reliance on technology to get the job done," said John Craft, vice president of Enterprise Business Sales for North Carolina and South Carolina, AT&T. "However, a business continuity plan is not enough and in fact, not all companies have one in place. Organizations must regularly test and update their plans to reflect changes in their business so that, in the event of disaster or major security breach, they can be best-prepared to restore and maintain key processes and operations."

The largest of AT&T's exercises this year is being conducted in Charlotte, N.C., this week through Wednesday. This week's exercise is the first ever conducted in Charlotte. These events are designed to test, refine and strengthen AT&T's business continuity