Posts Tagged ‘disaster planning’

Five Strategies For Business Survival

Sunday, September 18th, 2011

Business owners invest a tremendous amount of time, money and resources to make their ventures successful, yet emergency planning may get placed on the back burner in the face of more immediate business concerns.

At some point, your business will be disrupted by either a man-made or natural disaster; it’s not a matter of if, but when. Disaster recovery planning is vital to the longevity of the business.

Natural disasters like hurricanes, tornadoes and floods are particularly tricky to plan for because they can strike randomly and sometimes repeatedly in the same geographic location.

So how would a business survive such extreme threats?  Here are a few leading practices and strategies to help:

  1. Awareness:  A critical activity of Business Continuity actually occurs before the crisis. Informing and educating employees about programs, threats, expectations, accepted behaviors and actions will increase the likelihood that the intended response to an emergency will be achieved by making these situations at least a bit more familiar by way of repetition.
  2. Compliance:  Compliance with building code safety and frequent building code inspection checks are imperative to ensuring that your building is as safe as possible. The same method should be applied to information technology. Extreme caution should be taken when it comes to protecting your most valuable business resources.
  3. Redundancy: A variety of sources for accessing information should be available. Emails, website postings, “800” numbers to recorded messages, face-to-face information sessions, newsletters, and texting are viable methods.
  4. Frequency: During crises information changes quickly. Therefore, it is important to update messages frequently. Having a pre-established update schedule will benefit your organization during the business interruption.
  5. Communications: Often times at the beginning of a crisis there is a flurry of information, which then drops off. Crises can last for a while and people need different types of information from stage to stage. Maintaining communications continuity during all stages of a crisis is critical.

Patrick R. Dunn, CBCP, CISSP
Practice Manager – Disaster Recovery & Business Continuity

Tags: , , ,
Posted in Business Continuity | No Comments »

Observations from a Business Continuity Professional…

Friday, June 18th, 2010

It is sometimes easy to second guess others during a crisis, especially ones as devastating as Katrina or the current disaster in the Gulf. But to not criticize the disaster recovery plans or the lack of disaster recovery testing by British Petroleum should be considered negligent by any self respecting business continuity professional. 

I want to offer a few comments on Disaster Recovery (DR) and Business Continuity (BC) planning in general, as it pertains to the situation in the Gulf. 

  1. An experienced DR/BC professional follows leading best practices and would not create a boiler plate template that is implemented in all regions of an organization’s business.  A good DR/BC plan should be modified and customized to account for regional and cultural differences.  An oil company’s disaster strategy for Alaska should be vastly different from a recovery plan developed for the Gulf of Mexico because there are different environmental elements that must be considered and that will have a significant impact on the practicality of the plan.
  2. All DR plans need to be tested on a regular basis, especially ones that have the potential to save an entire region.  If these plans had been tested in the Gulf, then it would have been discovered that having a plan to save walruses was of no use in the Gulf of Mexico and their Call Trees would have had correct names in place.
  3. When creating Crisis Management Plans, it is not always necessary or desirable to have the CEO of a company giving status updates — that in itself can turn into a disaster.
  4. Don’t be afraid to accept assistance from vendors, suppliers, foreign governments etc.  They may have more experience in the type of event.
  5. Have a clearly defined Incident Commander and make sure everyone knows who is in charge.

If you don’t have a current disaster recovery plan in place, create one. Start with a Business Impact Analysis to inventory your current efforts. Then develop a viable, practical plan that can be tested, updated, and approved. Then repeat this process again and again to guarantee your plan remains effective and appropriate.

And by all means, utilize a business continuity expert to assist you. This will ensure you have a true and usable plan. 

Do all that is necessary, take all the needed steps and don’t shortcut the process…unless of course you want the end results to mirror what’s happening in the Gulf.

Patrick R. Dunn, CISSP, CBCP
Principal Consultant – Disaster Recovery & Business Continuity

Tags: , , , ,
Posted in Business Continuity, IT Solutions, The Water Cooler | 1 Comment »