Business Continuity Planning is the way an organization can prepare for and aid in disaster recovery. It is an arrangement agreed upon in advance by management and key personnel of the steps that will be taken to help the organization recover should any type of disaster occur. These programs prepare for multiple problems. Detailed plans are created that clearly outline the actions that an organization or particular members of an organization will take to help recover/restore any of its critical operations that may have been either completely or partially interrupted during or after (occurring within a specified period of time) a disaster or other extended disruption in accessibility to operational functions. In order to be fully effective at disaster recovery, these plans are recommended to be regularly practiced as well as outlined.
In layman’s terms, a Business Continuity Plan or BCP is how an organization guards against future disasters that could endanger its long-term health or the accomplishment of its primary mission. BCPs take into account disasters that can occur on multiple geographic levels-local, regional, and national-disasters like fires, earthquakes, or pandemic illness. BCPs should be live and evolving strategies that are adjusted for any potential disasters that would require recovery; it should include everything from technological viruses to terrorist attacks. The ultimate goal is to help expedite the recovery of an organization’s critical functions and manpower following these types of disasters. This sort of advanced planning can help an organization minimize the amount of loss and downtime it will sustain while simultaneously creating its best and fastest chance to recover after a disaster.
Disaster Recovery (DR) is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans. While Disaster Recovery plans, or DRPs, often focus on bridging the gap where data, software, or hardware have been damaged or lost, one cannot forget the vital element of manpower that composes much of any organization. A building fire might predominantly affect vital data storage; whereas an epidemic illness is more likely to have an affect on staffing. Both types of disaster need to be considered when creating a DR Plan. Thus, organizations should include in their DRPs contingencies for how they will cope with the sudden and/or unexpected loss of key personnel as well as how to recover their data.
Disaster Recovery Plans are generally part of a larger, more extensive practice known as Business Continuity Planning. DR plans should be well practiced so that the key players are familiar with the specific actions they will need to take should a disaster occur. DR plans must also be adaptable and routinely updated, e.g. if new people, a new branch office, or new hardware or software are added to an organization they should promptly be incorporated into the organization’s disaster recovery plan. Companies must consider all these facets of their organization as well as update and practice their plan if they want to maximize their recovery after a disaster.
Business continuity / Disaster Recovery Plans come in various forms, each reflecting the corporation’s particular set of circumstances. The following are some of the general step required to develop and implement a plan.
Policy Statement (Goal of plan, reasons and resources Business Impact Analysis (how does a shutdown impact the business financially and otherwise) Identify Preventive Steps (can disaster be avoided by taking prudent steps) Recovery Strategies (how and what you will need to recover) Plan Development (Write plan and implement plan elements) Plan buy-in and testing (very important so that everyone knows the plan and knows what to do) Maintenance (continuous changes to reflect current situation)