Business continuity and disaster recovery planning are processes that help organisations prepare for and recover from disruptive events. These eventualities can be everything from a simple power outage, technological failure, natural disaster, terror attack, cyber-attack and more.
Regardless of severity, these events have the potential to limit access to your offices, kill communications, damage IT systems and threaten your vital data.
It is crucial for businesses to manage risks and reduce the impact on customers and staff. This has seen more businesses move part or whole operations to the cloud. However, moving to the cloud does not absolve the business from all risks and it does not pass the responsibility to someone else. A Disaster Recovery (DR) / Business Continuity (BC) plan is as important as ever.
More importantly, the plan should be up to date and as comprehensive as possible. Every business has its own plan based on its operations, structure and unique circumstances.
However, if you are starting your strategy from scratch, here are the key things you should include in your DR/BC plan.
Disaster Levels and Scenarios
Disruptions/disasters vary in severity and risk. Therefore, it is important to set out different courses of action on different circumstances based on risk and severity.
Level 1: Minor
Disruptions at the minor level include such things like minor flooding, small contained fires, system/application failure and short-term power outages. They impact an isolated part of the physical environment such as a supporting infrastructure or system. Dues to their low impact and severity, they can be restored quickly. Typically, you don’t even need to activate the disaster recovery team to address the situation and resume normal operations.
Level 2: Major
These are significantly bigger events which impact the primary physical environment in a manner that causes normal operations to stop. Such events include; chemical spills, larger fires, building inaccessibility etc. their heightened level of severity require an immediate response from the management and the DR team. The team needs to move quickly to recover and restore systems critical to the business.
Level 3: Catastrophic
These scenarios do not take place very often. However, when they do, the impact is crippling. They include events such as hurricanes, regional disasters such as floods or fire, extended regional power outages and technical/cyber-attack threats. Their nature and severity cause massive disruption in IT services. They also require the highest level of management to give directives on incident response and business recovery process.
Given that disasters vary in severity and impact, your IT team should have a clear reference table to help them determine the level of each disaster. This will also help them decide which level of management to engage and the personnel required to behind mitigation and recovery efforts.
Roles and Responsibilities
The speed and efficiency with which your team implements the DR/BC plan depend on how well they understand their roles and responsibilities in the process. Therefore, it is important to have a designated DR coordinator to serve and the logistical coordinator central point of contact. He or she will also direct and document the steps to be taken. The roles and responsibilities should further be broken down to the various stages of the plan; during normal operations, during the disaster and after the disaster.
During normal operations, the DR coordinator should be responsible for updating and maintaining your DR/BC plan. They should train the relevant staff, test the plan and anticipate new threats. If a disaster occurs, the DR coordinator will determine its level, engage the appropriate personnel, give directives on steps to be taken and document the actions. After the disaster, the coordinator should lias with relevant personnel to ensure IT functions are restored and normal operations resumed. He or she should also perform a post-disaster review and institute changes to the DR/BC plan if needed.
It is nearly impossible to anticipate and predict how a disaster will play out. As such, you cannot reliably predict how many people might be required. The last thing you want is not to have enough people to implement the disaster recovery plan. Therefore, include primary and backup contacts for as many shareholders as you can find. These people include; IT support people, management, key vendors, key customers.
Recovery Checklists and Procedures
You have the best DR/BC plan and the right personnel. You now need to take specific actions in implementing the plan. As such it is important to document the recovery procedures step by step and in bullet format in response to each disaster and in accordance with its level. Consider using, connectivity diagrams, configuration tables and templates to depict the various aspects of the network and the step by step procedures needed to restore them.
Response and Recovery Log
As soon as your DR coordinator gets a notification on a disaster, he or she should start logging the sequence of events as they happen. They should then share the progress with the relevant management personnel until the disaster is resolved. This documentation helps the management monitor recovery and use the information to streamline the recovery process.
Although this is not a comprehensive list of all that your disaster recovery and business continuity plan should include, it is a great foundation. Depending on the nature of your operations, you might find it useful to include, app interferences and dependencies, damage assessments checklists and alternate recovery information. The key is to build a plan that works for your unique set of circumstances and objectives.
At Our IT Department, we are committed to providing businesses in London and the East of England with the best IT support services. With over 20 years of experience in the field, we will walk with you and ensure you get the best disaster recovery and business recovery plan that suits your business. Talk to our friendly customer service representatives today and let us help you shield your business from disruptions.