In the event of a disaster, a bespoke Business Continuity strategy will help your organisation to continue operating effectively.
The most important thing you can do to protect your organisation is to prepare properly for both business rescue and corporate recovery. Here are some general tips to help you create a solid Business Continuity and Disaster Recovery (BCDR) plan:
1. Research the subject in detail before you get started
It is crucial to understand the ins and outs of BCDR before attempting to pull together a strategy. Having a solid understanding of the processes associated with the planning process puts you in a good position to not only communicate the worth of a strategy but also to deliver on it in the long run.
2. Communicate the need for a plan and deal with concerns over costs
It is important that the right people are on-board from the start when you are thinking of creating a new BCDR plan. Whilst demonstrating the value of the project at a later stage will be easier, it is a good idea to give the relevant individuals some information which will demonstrate the need for a new plan in the early stages.
There is no point in rushing headlong into the planning process only to find that you are unable to implement changes further down the line. You may also find that individuals in your team have additional insight into potential threats. Make sure to demonstrate that BCDR plans can be cost effective and tightly integrated with everyday processes within your organisation.
3. Assess your existing plan (if you have one) and highlight the areas that are well covered as well as the potential flaws
After you have discussed and the need for a new plan has been recognised, the next step is to look at the current procedures that are already fulfilling BCDR functions.
If it is the case that aspects of your current procedures already protect your organisation well in certain areas, make sure to find ways to integrate them into your new plan. Then you will be in a position to try to isolate key areas where your organisation may suffer the most in the event of a disaster.
4. Analyse environments and take note of potential threats
The way your organisation operates in a social context and within tangible environments will heavily influence the methods that will work well to protect your company.
Make a detailed list of the threats your business could potentially face, then categorise them in alignment with the systems they are likely to have an impact on. It is better to err on the side of caution during this process rather than discounting too many possible problems.
Once you have a list of the potential threats, you will start to see the true value of implementing a new plan. Every organisation has inherent vulnerabilities which cause exposure to certain threats. Don’t forget that this process is a positive step, specifically focussed on recognising potential issues and dealing with problems before they occur.
5. Figure out how much downtime can be tolerated regarding each system within your organisation
Determining the tolerance for downtime with regards to each system should be a priority in the planning process.
If an IT system which is considered to be a priority is subject to an outage, it will usually necessitate a much faster reaction than secondary systems. The speed of reaction needed for each individual system is often the key factor in determining the cost of the response to a fault or a disaster.
6. Prepare for IT issues by ensuring there are solid fallback systems in place
There are numerous ways to ensure that you will be well covered in regards to your IT systems. How far you can go in terms of immunising your organisation against potential problems will depend on the size of your company/networks and the budget available.
Having systems in place which ensure that there is a near-immediate switch to backup servers in the event of a disaster is absolutely crucial. Having efficient local data backups to fall back on is also very important and investing in additional offside backups could be a sensible option.
There generally needs to be a compartmentalised approach to covering IT in order to ensure that one fault in one section of the network doesn’t result in a full system collapse. Developing an overview of the network can help to improve your understanding of potential problems within the network. Enterprise management tools can also help you to take an inventory of the equipment being used throughout your company.
There are different levels of protection you can opt for in this regard and as previously mentioned; the speed of response and the extent of cover needed (particularly for IT systems) will usually determine the costs.
7. Define and communicate the impact and consequences at service level
At this stage, you should take the information gathered and communicate about the impact of faults at service level with members of senior management.
The level and speed of response needs to be discussed and deemed appropriate by key members of your organisation before you commit to any service-level agreements. With a clear view of technical aspects of the plan, contingency policies can subsequently be defined.
8. Factor in the training and procedures for your team
Once the plan is implemented, employees need to understand their roles in the BCDR strategy. Consider all aspects of their exposure to a disaster including the time and resources needed in order to train and support employees so that they are well prepared.
9. Test the plan regularly
To ensure the ongoing value of the implementation of a Business Continuity and Disaster Recovery plan, you must thoroughly test the plan initially and then on a continuing basis. These tests should take into account the true conditions of your business.
Nice article, I really like how you explain some general tips to help create a BCDR plans.Currently i have been consulted by webdiretors http://www.webdirectors.co.uk in my BCDR plans. Thanks for your article it really helps me out understanding BCDR plans.