|
No, it needn't be difficult. Much of a DRP initiative is common sense. The rest
is greatly simplified through simple to use proven tools and templates.
This Disaster Planning Template was use by consultants who created the
Disaster Recovery Plan and Business Resumption plan that Merrill Lynch used
after 9/11. It is a proven process and set of tools.
This site is designed to catalog the easiest yet most effective approaches and products... to make disaster recovery planning less of a trauma and more of a business process.
The creation of the plan itself is the first port of call, but we also examine contingency audit and risk analysis from a simplification perspective.
|
|
|
|
|
|
|
Risk analysis
is inextricably linked with disaster
recovery. Assessment of the risks which may
lead to disaster is essential in the
determination of what controls are
appropriate to the situation. Again,
however, risk analysis is often made more
difficult than necessary.
Do you really
need a complicated piece of software to
create your plan? Do you need 20 years
experience in business continuity planning?
Do you need to divert untold resources into
the plan creation exercise? Certainly, if
you employ the
Disaster Recovery Planning Template the answer
is... NO!
|
|
|
How do you ensure that your disaster recovery plan meets your actual needs? How do you know that it will all work? Do you audit it, and if so, how?
Equally fundamentally, do you know what your resource/service dependencies are and what their time criticalities are? What of your actual everyday contingency practices - do they measure up?
To determine and ensure all of this with minimum fuss, a comprehensive but extremely simple to use product is now available.... the
Disaster Recovery Toolkit
- Business and IT Impact Analysis.
|
|
|
|
|
Disaster Planning Information |
|
Risk
analysis is inextricably linked with
disaster recovery. assessment of the
risks which may lead to disaster is
essential in the determination of
what controls are appropriate to the
situation. Again, however, risk
analysis is often made more
difficult than necessary.
The
Threat & Vulnerability Assessment
Tool Kit
and tool was designed to simplify
matters, and to make risk analysis
more widely accessible through
automation. It is now probably the
most widely used product and method
in the world
|
|
For more information on disaster recovery plans and business continuity we are pleased to introduce our online
IT Productivity Center.
 |
|
Disaster Planning News
Over 50% of all organizations have no plan
in place to recover their critical information should an unforeseen event occur,
and almost as many have no strategy to keep their business running following a
major disruption.
The findings are in just released research into data management practices. It
found 48 per cent of organizations admitted to having no business continuity
plan, and 51 per cent have no disaster recovery (DR) procedures.
This lack of DR
planning is consistent with surveys done out in 2007 and 2009. The current
research was compiled in an online survey of 1,000 companies last
October.
The survey found that some companies are following best practice in data
management: 18 per cent said they could restore mission-critical applications
within four hours if their network or data center were destroyed; 23 per cent
cited a recovery time of up to one business day and 22 per cent cited four
business days or more.
more info
Business Continuity Planning 101
The basic process for developing a business continuity plan is:
- Create a business continuity planning team:
Members should be from operations management, the chief security officer, the
IT department, legal staff, and human resources.
- Define leadership roles: Determine which
executives and employees are critical to operating the business (and
supporting customers) that need to have access to key systems and information
at all time.
- Assume the worst and plan for needed extra
capacity: Before an event occurs, businesses need to plan ahead
for increased network bandwidth and secured remote access requirements.
- Define emergency voice and data communications
solutions: There are many to choose from, but a SSL VPN is one of
the leading solutions to provide flexible, remote access, which is essential
to any business continuity plan.
- Define access points for operations, network and
IT: Create a business continuity portal for employees and
partners. If the company has an Intranet, this site becomes command central
from which employees can access information - HR policies, emergency contacts
and a "start here" feature should be included.
- Contract for a secondary back-up site: Should the
primary site be unavailable, companies should have a real-time mirror of data
and staff housed at a secure facility.
- Backup data: In the event that the secondary site
is unavailable, organizations should plan for multiple layers of failover.
- Plan to utilize smartphones and tablets: With mobile devices and "wireless
networks", IT departments can leverage these tools to ensure complete
connectivity in times of emergencies.
- Pre-arrange Internet meeting capabilities: In the
event of an office closure, employees still need to communicate internally or
with external parties (i.e. suppliers, customers). Implement the technology
before it is needed
- Review number of sites and VPN gateways:
Conducting an annual audit to provide a complete picture of your network and
the ability to address problem areas before a disaster strikes.
- Test and test again: These 'fire drills'
enable the business continuity team to see how the current system is working,
especially when employees are accessing information from remote locations
(i.e. from home, a relative's house, and hotel). Once complete, those in
management, IT and human resources can modify their business continuity plan
accordingly.
more info
Core backup and recovery concerns
CIOs and IT Managers need to consider manadated compliance
requirements
- Question that need to be answered are:
- Is our data safe in transit and at rest?
- What prevents hackers from gaining access to our data?
- Is our data properly handled, stored, and deleted?
- Who can access our data?
- What are the benchmark measurements?
- Is our data backup strategy compliant?
- Will our recovery be successful?
more info
How long should it take to create a business continuity plan?
Business continuity planning is a continual process, and not something that
is done once and filed away to be used in an emergency. In error many
organisations treat the creation of a business continuity plan as a normal
project, subsequently deploying the plan and handing over to an operational
department for maintenance.
In most organizations, DR is the quintessential complex, unfamiliar task.
Disasters happen so rarely that recovery operations are the opposite of routine.
What's more the myriad, interconnected data, application and other resources
that must be recovered after a disaster make recovery an exceptionally difficult
and error-prone effort.
How
to create a business continuity plan...
more info
Which states had the fewest major weather disasters
The U.S. has sustained 112 weather/climate disasters over the past quarter
century in which overall damages/costs reached or exceeded $1 billion. The total
standardized losses for the 112 events exceed $750 billion, according to The
National Oceanic and Atmospheric Administration (NOAA), National Climatic Data
Center.
more info
