May 18, 2020

Key Considerations and Tools for Planning a Safe and Productive Return to Workplace Guide


By Melissa Musser, Principal, Risk & Advisory Services

Many state and local governments are making plans to open businesses and get the economy moving again. For organizations that have closed their offices and storefronts to work remotely since mid-March, there are many challenges to consider before reopening. The health and safety of employees, clients, customers, contractors, and vendors have to be every employer’s first priority, even though they are also under pressure to focus on the future and surviving financially.

To help with this thought process, GRF CPAs & Advisors (GRF) has assembled some key tips and tools to help organizations evaluate and understand the full impact of the COVID-19 crisis on the organization. Based on industry best practices for crisis response, this toolkit is designed to help organizations accept change and plan to move forward in our new normal.

Decision-Supporting Tools for Leadership and the Board of Directors

Your board of directors will need to be informed of how your organization is handling top risk and impact to the overall strategic objectives. Below are some initial steps and tools to help you navigate risk reporting to your board:

  1. Update Your Organization’s Top Risks in light of COVID’s impact. A new risk assessment should be conducted to assess how COVID-19 and the economic crisis has changed your strategy and objectives as well as previously identified top risks. Organizations must consider potential legal vulnerabilities associated with the treatment of employees, including potential claims of discrimination, privacy violations, retaliation, and whistleblower claims. To help you collect your risk assessment download our risk register template and download the Strategic Risk Evaluation Guide to get started.
  2. Develop a heatmap of your organization’s top risk scenarios and outline remediation plans. Compiled risk scenarios should be ranked according to significance and likelihood of occurrence. Items above the risk threshold are candidates for further investigation and mitigation plans. Download GRF’s Heatmap Development Guide.
  3. Create mitigation and action plans for your organization. It is helpful to compile mitigation plan documents that consolidate similar risks, assign a key executive owner, and identify multiple action plan owners. Download our Mitigation Plan Template and GRF’s whitepaper on Business Continuity.


Critical Risk Considerations for Working in the COVID Era

The new normal means employers have to think differently about what it means to work together in offices. More remote work is in our future and that has lasting implications for the organization. Below are some critical considerations to consider in the new COVID era:

  1. How can we prevent the spread of COVID-19 by designing appropriate workplace controls?
  2. What are the emerging risks associated with new operating models implemented and related new standard operating procedures?
  3. How are we monitoring increased cybersecurity & privacy threats as more employees work remotely?
  4. Do we have new third-party risks due to operations & supply chain disruption?
  5. Do we need to re-write our 3-year strategic plan?


Management Actions Assertions the Board Should be Challenging

What worked before has now been turned on its head. As part of their roles as fiduciaries, board members must question “business as usual” and help leadership and staff adopt new approaches. The Board should be challenging the following management actions:

  1. Has Management performed an adequate assessment of key outsourced service providers?
  2. Has Management adequately assessed risk and have they considered potential legal vulnerabilities associated with the treatment of employees, including potential claims of discrimination, privacy violations, retaliation, and whistleblower claims as a result of COVID?
  3. Has Management performed adequate forecasts for financial reporting and budgeting (cash flow, growing concern, liquidity, commitments, and contingencies)?
  4. Has management adequately identified and assessed return-to-workplace related risks? How can we prevent the spread of COVID-19 by designing appropriate workplace controls? Do proposed return-to-workplace policies and controls address the key risks?
  5. Is management proactively sharing top risks and risk mitigation plans with the board?  Are they focusing on the risk that matter?


Developing Your Organization’s Return to Workplace Plan

Organizations returning to shared office space following the quarantine are developing compliance plans and playbooks intended to be “living” documents and updated as conditions change. Past economic crises have demonstrated that collective success in the execution of a few key responsibilities can be one of the single biggest drivers in sustaining the well-being of your employees and all stakeholders in your organization. Developing and communicating a plan helps individuals understand that they are expected to follow defined standards regarding basic hygiene, wear personal protective equipment (PPE) as appropriate, and practice social distancing. Download GRF’s Return to Workplace Guide to get started.  Additionally, the European Union’s European Agency for Safety and Health at Work offers resources on its COVID-19: Resources for the Workplace web page. In the U.S., the Occupational Safety and Health Administration (OSHA) provides a guide for preparing workplaces.

GRF’s Risk & Advisory Services practice offers clients expertise in organizational resilience to help them navigate crises like COVID-19 and the accompanying economic impact. For questions about your organization’s return to work plan, contact Melissa Musser, CPA, CITP, CISA, Principal, Risk & Advisory Services at