Disaster Planning Template

No, it needn't be difficult. Much of a DRP initiative is common sense. The rest is greatly simplified through simple to use proven tools and templates. This Disaster Planning Template was use by consultants who created the Disaster Recovery Plan and Business Resumption plan that Merrill Lynch used after 9/11. It is a proven process and set of tools.

This site is designed to catalog the easiest yet most effective approaches and products... to make disaster recovery planning less of a trauma and more of a business process.

The creation of the plan itself is the first port of call, but we also examine contingency audit and risk analysis from a simplification perspective.

Home Order Now How to Use Contact Us

Disaster Recovery Plan

Disaster Recovery Audit

Risk analysis is inextricably linked with disaster recovery. Assessment of the risks which may lead to disaster is essential in the determination of what controls are appropriate to the situation. Again, however, risk analysis is often made more difficult than necessary.

Do you really need a complicated piece of software to create your plan? Do you need 20 years experience in business continuity planning? Do you need to divert untold resources into the plan creation exercise? Certainly, if you employ the Disaster Recovery Planning Template the answer is... NO!

How do you ensure that your disaster recovery plan meets your actual needs? How do you know that it will all work? Do you audit it, and if so, how?

Equally fundamentally, do you know what your resource/service dependencies are and what their time criticalities are? What of your actual everyday contingency practices - do they measure up?

To determine and ensure all of this with minimum fuss, a comprehensive but extremely simple to use product is now available.... the Disaster Recovery Toolkit - Business and IT Impact Analysis.

Threat / Vulnerability

Disaster Planning Information

Risk analysis is inextricably linked with disaster recovery. assessment of the risks which may lead to disaster is essential in the determination of what controls are appropriate to the situation. Again, however, risk analysis is often made more difficult than necessary.

The Threat & Vulnerability Assessment Tool Kit and tool was designed to simplify matters, and to make risk analysis more widely accessible through automation. It is now probably the most widely used product and method in the world

For more information on disaster recovery plans and business continuity we are pleased to introduce our online IT Productivity Center.

Disaster Planning News

The Difference Between Disaster Recovery Planning and Business Continuity Planning Defined

Disaster Recovery Planning (DRP) is the process by which you resume business after a disruptive event. This typically means that you can get the enterprise computers, networks, and data base operational. The event might be something huge-like an earthquake or the terrorist attacks on the World Trade Center-or something small, like malfunctioning software caused by a computer virus.

Given the human tendency to look on the bright side, many business executives are prone to ignoring "disaster recovery" because disaster seems an unlikely event. However Janco has found that over one third of all enterprises have had to activate their Disaster Plans in the last few years.

Business Continuity Planning (BCP) suggests a more comprehensive approach to making sure you can keep the enterprise going and meet it business objectives. This goes beyond the enterprise computers, networks and data bases. However, the two terms are married under the acronym DR/BC or DRP/BCP. At any rate, Disaster Recovery Planning and/or Business Continuity Planning facilitate how a company will keep functioning after a disruptive event until its normal facilities are restored.

more info

Most data disasters are caused by human error

CIOs should be aware of the fact that human error is often the main factor responsible for data disasters. Janco Associates now attribute the increase in human error incidents to complex storage systems such as multiple RAID systems on the same computer coupled with older equipment, reduced budgets, lower staffing levels, and poorly trained IT staff.

With advanced storage options such as virtualization and cloud computing offering corporations storage optimization, human processes are still conrolling factors as individuals must direct the technology as to how to operate. The complexity of these systems require a steep learning curve, and with reported IT spending at a low (down 6.9 percent in 2009 according to some research firms.), human error is increasingly more common.

Typical human caused data disaster are:

Pulling the wrong drive. While trying to replace a failed disk in a RAID array, a healthy disk is accidently removed.
Reformatting a disk. During a server migration, the wrong SAN LUN is accidently reformatted.
Restoring corrupt/old backup data. A server containing a business-critical database is deleted by mistake and is restored with a corrupt or incomplete backup prior to realizing the backup is not sound.
Rebuilding a bad array. Following a multiple drive failure in a RAID array, an attempt to force the failed drives back online and rebuild the configuration is made, whereby damaging or corrupting the data on the array.
Deleting data. Files, volumes, virtual machines or a SAN LUN is deleted by accident and there is no backup or the backup is old or corrupt.

more info

H1N1 spurs demand for disaster recovery and business continuity tools

The H1N1 pandemic is pushing companies to upgrade their secure remote access capabilities in order to enable more employees to work out of their homes and other remote locations in an emergency.

Vendors of remote access technologies are reporting an unexpected increase in demand for their products over the past several months as a result of H1N1-related concerns.

"Companies are really looking for is the ability to provide secure, remote access to more of their employees," said Victor Janulaitis, CEO Janco Associates, a provider of Disaster Recovery and Business Continuity Tools. "Most companies have extensive mobile workforces. What they are doing is planning for an ever increaseing scale," he said.

According to data collected by Janco, much of the increased interest has come from larger enterprises. These are the enterprises that seem to be more aware of the need for planning.

Security policies and procedures such as those offered by Janc provide teleworkers with rules on how to secure access to enterprise applications from any location, using a broad range of devices. They enable IT administrators to enforce security and information usage policies.

more info

A network outage is a disaster

A network outage is a business interuption and a disaster for most enterprise. The disaster recovery planning process needs to consider this as one of the most likely events to occur.

As businesses rely more heavily on the internet to transact business and link together branch offices, remote workers, customers and business partners, the WAN connection becomes more important than ever. A single pipe may be a company's only link to the outside world. If this pipe goes down, crucial networking functions come to a crashing halt. Although most business lines are reliable, outages are not very common. A software company that has over 25 branch offices, each with a T-1, in several 3^rd world locations has frequent outages. About once a month, they have a T-1 outage in one of the offices, lasting from 4 to 20 hours. During that time, that remote office is effectively cut-off. Without the WAN line, you cannot make phone calls, get e-mails or do any kind of electronic transaction. They are unable to communicate with the outside world and effectively dead in the water.

more info

Business continuity planning for a Pandemic

Larger corporations typically can continue business as usual even while many employees are out sick in a Pandemic. However Business Continuity Planning at small firms rely heavily on key individuals and find themselves nearly incapacitated if several of those key people get sick, must stay home with sick children, or are in areas put under quarantine.

Phone Trees

At a minimum, small business owners should update employees' contact information to include current home phone numbers and addresses, e-mail addresses, and cell phone numbers. Some employers establish phone trees so they can efficiently contact all their employees to check on and alert them during an emergency.

Another vital component to a business continuity plan is to collect contact information, including cell phone numbers, for their suppliers, vendors, and key customers. Keep this information in print and online, and store copies off-site in case you can't get into your office.

A host of legal and medical questions may arise for small business owners if swine flu roars back with a vengeance this fall.

Imagine you run a small business like a day-care center, where vulnerable children congregate and colds and flu are prevalent. Do you close and send your entire staff and all children home at the first sign of any flu? Do you send home only sick children and sick staff? When? When do you reopen or allow them to return? What information and medical clearance would you need to send staff or children home, allow them to return, close, or reopen the center? These are not easy questions.

Backup Staff

Janco recommends that companies prepare for operational disruptions by doing employee cross training or lining up backup staff now. Employers should review and enhance existing emergency disaster plans to ensure business continuity. Employers that are just getting started should develop a plan that includes pandemic preparedness, and review it and conduct drills regularly. A checklist for flu policy is posted at the government's flu awareness Web site.

Aside from preparing and practicing for pandemic, small business owners may want to check with their attorneys for advice on unusual situations -- What do you do with employees who are medically vulnerable to the flu or those with young children or elderly relatives at home? Do you send them home? When and for how long? With pay?

Paid Sick Leave?

The federal Family Medical Leave Act provides eligible employees with up to 12 weeks of unpaid leave to care for themselves or sick family members. Generally, FMLA regulations do not cover flu absences unless complications arise, but courts recently have interpreted the FMLA to mandate leave for the flu and other viral infections.

However, the federal law does not cover firms with fewer than 50 employees. Small employers usually do not have to provide sick leave, so it is a surprise to many employees that they are not entitled to any sick leave, much less any paid sick leave.

Another question for your human resources manager and/or attorney is what communications responsibility you have as a business owner if one of your employees is diagnosed with swine flu. There are health confidentiality and privacy issues for employees, so employers should not disclose personal health information. But employers do not want a modern day Typhoid Mary spreading swine flu at work. If there is an employee with confirmed swine flu, some employers are alerting employees that there may be swine flu exposure at work without identifying the involved employee.

You might need to think about giving an infected person's immediate co-workers enhanced sick leave to protect themselves or family members, particularly if they have particular medical vulnerability to the illness, he says. Some employers bring in cleaning crews to disinfect an office where swine flu has been found. Providing hand disinfectant for employees is not a bad idea.

more info

Disaster Planning Template