When the South Tower of the World Trade Center collapsed on Deutsche Bank’s New York facility, the German banking giant lost its connection to the U.S. markets. Almost immediately, however, backup systems in Ireland kicked in, and Deutsche Bank went on to clear more than $300 billion in transactions that same day.

After the September 11th attacks, and more recently hurricanes Katrina and Rita, companies such as Deutsche Bank have been able to bounce back because they planned for the unthinkable. Yossi Sheffi, director of MIT’s Center for Transportation and Logistics, calls these organizations "resilient."

In his recent book, The Resilient Enterprise, Sheffi says companies and government agencies need to take a systematic approach to disaster planning. (To read an excerpt from his book, go to www.cio.com/030106.) The list of things that can go wrong is endless, especially in this age of supply chains that stretch around the globe, leaving companies vulnerable to strikes, natural disasters and civil unrest far from home base. Companies need to start cataloging what could go wrong, but they also need to examine their cultures to make sure theirs is resilient. Companies that recover in the face of devastation are those with redundant systems, but they also empower all levels of employees and create a sense of passion for work, Sheffi says. Company cultures that promote resiliency should be equipped to respond to almost any disaster.

Building redundant IT systems is most important for technology-intensive industries such as financial services. But even universities and other organizations with less pressing need for immediate backup should evaluate which types of data are most crucial to their daily operations. It’s a simple equation, Sheffi says. "It’s better to pay something now, than to possibly lose your business in the future," he says. Sheffi recently spoke with CIO about what makes companies resilient and how CIOs can build a case for a comprehensive plan to keep IT systems up and running when the unthinkable strikes again.

CIO: Several recent disasters have shown that companies and their IT leaders need to be prepared for the unknown. What have we learned, for instance, from Hurricane Katrina?

Yossi Sheffi: We’ve learned that the fates of companies and government agencies are sealed before the disaster hits. Organizations that get ready perform well; those that don’t prepare don’t do well.

Just look at FEMA. They were hiring people with no qualifications, and they had not set up adequate communication systems. This was happening for years. And New Orleans had not responded to warnings three days before the storm hit. On the flip side, we should look at Wal-Mart and Home Depot, which responded quickly. They have both spent years building up their emergency room and communications systems so they can respond to any natural disaster. These companies are able to change course when conditions change abruptly.