An organization’s ability to recover from a disaster or disruptive event (natural disaster, human-made disaster) and resume operations as quickly as possible is referred to as disaster recovery or business continuity.
Business Continuity Planning
For an expedient disaster recovery to happen, an organization must have a strategic plan in place, usually referred to as a Business Continuity Plan (BCP). The implementation of a BCP should happen well before disaster ever strikes. The BCP outlines the essential emergency plans necessary for an organization’s successful and timely disaster recovery.
An effective disaster recovery plan or business continuity plan must be well written, understandable to all key personnel as well as be easily accessible to those people in the event of an emergency situation.
Due to the constant changes that occur in today’s business environment, a BCP will require frequent updates in order to deal with new and existing threats as they surface. An auditor should determine if procedures stated in the plan are up-to-date, used in practice and viable.
- By examination of the disaster recovery plan
- By direct observation of procedures
- By testing of processes to ensure reasonableness
- By inquiries of personnel
All Organizations, no matter what size, should create a BCP manual in the event of an unforeseen disruptive event or disaster. Strong evidence clearly indicates that many business organizations simply don’t invest enough time or resources into business continuity planning. For example, statistics show that fires permanently close 44% of the business affected. Another example is the World Trade Center bombing, where 150 businesses out of 350 failed to survive that horrific event.
Most businesses these days depend heavily on technology and automation. Continued operations of a business/organization depend on being aware of potential disasters before they strike. Having a strategic disaster recovery plan to minimize disruptions and recover operations quickly is key. A smart disaster recovery plan should include a set of actions to be taken before, during and after a potential disaster. The plan should be periodically tested, to make sure there is continuity of operations and availability of resources at the onset of a disaster.
The main purpose of disaster recovery planning is to protect a business/organization, in the event that all or part of its operations and/or computers become disabled. Being prepared in a disaster situation is of paramount importance. Thorough planning will minimize the disruption of operations and maintaine a higher level of operational stability and recovery after a disaster.
Comprehensive Disaster Recovery Planning
Your disaster recovery planning should include the following objectives:
- Reliability of standby systems
- Established sense of security
- Minimized risk of delays
- Standards for plan testing
- Minimized decision making in a disaster
It’s imperative that all businesses/organizations be armed with a sound recovery plan before disaster strikes. Even a few days of disruption could cause major financial loss if not threaten the survial of many businesses without having solid planning to act quickly on.