Disaster Recovery and Business Continuity Plan
1) What's the different between disaster recovery planning and business continuity planning?
Disaster recovery planning and business continuity planning is used by businesses in case of any emergency or unseen situation. The main difference between two is that disaster recovery plan is used for survival while business continuity plan is used to bring business on track with the required amount of sales and revenue etc.
Disaster recovery plan is the plan that is used after an unfortunate event has been occurred, to help business stable itself from the disaster. This disaster can be either man made, natural or environmental and can vary in severity. Mostly, as a result of disastrous event, organization
…show more content…
BR/DR plans should essentially have a plan through which IT and Human Resources would interact with each other, concern of management committee and plan to explain how employees would communicate with each other and continue to carry out their tasks.
Every organization holds IT infrastructure and HR as main assets, while the priorty among too may change from company to company, main question would still remain that how would they both interact with each other, as both are interdependent and work in collaboration. So, a method of interaction is required to be formulated through which both would continue to work together in a successful manner.
Only senior committee can explain each process to its finest and can tell the essentials of any process. Senior management concern in the development of plan helps in creating a more robust plan where every need is met in a more effective way.
In case of any disaster recovery or business continuity plan, main focus is always to find a way through which business operations keep on the track. For this purpose, plan should include methods through which workers would interact with each other and carry out their routine
…show more content…
Organizations usually over shadow bigger mistakes over smaller ones, resulting in the fact that many minor processes remain unanswered and unplanned which may lead to certain hurdles during a disaster recovery process.
Every business should plan and test its recovery to know whether it is reliable enough to depend upon. Organizations usually consider that they would never fall victim to any attack and thus never plan for any of such event, or they plan enough but never test it for its working which, in the end, is revealed to be impractical. Moreover, testing usually reveals many aspects that are never considered or come across during planning phase.
Lack of senior management concern and their commitment with adequate amount of funding can cause plan to be left with certain gaps. Senior management that includes managers from all departments can only provide insight to processes while a good funding can only ensure that there are reliable back ups present for every type of
4. What is the main difference between a Disaster Recovery Plan (DRP) and a Business Continuity Plan
Disaster Recovery team had previously prepared Disaster preparedness plan, a Backup and Recovery Policy, and a Business Impact Assessment.
Presentation regarding the university’s Disaster Recovery Plan/Enterprise Continuity Plan including: basic structures; roles within the DRP/ECP plan; areas within a company if addressed improve resilience to catastrophic events, and an employee awareness campaign.
Business Continuity and Disaster Recovery (BCDR or BC/DR) are closely related practices that describe an organization's preparation for unforeseen risks to continued operations. The trend of combining business continuity and disaster recovery into a single term has resulted from a growing recognition that both business executives and technology executives need to be collaborating closely instead of developing plans in isolation.
The five methods of testing a disaster recovery plan are providing a walk-through, setting up simulations, having checklists, parallel testing, and making a full interruption test. The walk-through helps test the plan by finding things more important or irrelevant that can be added or omitted from the plan. Simulations provide practice sessions of what a disaster would or could do to a business. Simulations also show the plan when it is put into effect. Checklists provide a list that each department uses to check off tasks completed. Parallel testing is a clone system that runs with the main system until the main system is ready to come back online. Full interruption will stop the production systems fully and start them back up to see the programs work or fail.
The plans devised by each team can be tested. It may not be possible to test all sessions at one time. Facilities can have planned drills in which they evacuate buildings. IT can test their back up servers by accessing files at random times. It’s recommended that IT does this frequently as even one lost day of data could do harm to the company. Employees should be able to go through the motions of a disaster day. Everything from calling into a line and making sure they understand instructions for new meeting locations to being able to work from a remote computer should be covered. The warehouse and create a strategy to obtain new transportation and new storage facilities should theirs be destroyed. It’s better to practice and understand the plan before any incidents occur than to try to piece it together in the middle of chaos.
Thank you for your response. Whenever a crisis hits an organization, not even the best business insurance can fully compensate for the loss. So after the horrific events of 911, human resource and risk management departments (Washington DC adjacent companies) acknowledged the need for continuity /disaster recovery plans. In many cases, insurance carriers required a written continuity /disaster recovery plan on file for continued coverage.
First, Incident Response (IR) plan “is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.” (Whitman, 2013, p. 85). Consequently, Incident response planning (IRP) is the planning for an incident, which occurs when an attack affects information systems causing disruptions. On the other hand, Disaster Recovery (DR) plan “entails the preparation for and recovery from a disaster, whether natural or human-made.” (Whitman, 2013, p. 97). For instance, events categorized as disasters include fire, flood, storm or earthquake. Thus, the differences between an Incident Response (IR) plan and a Disaster Recovery (DR)
An organization must create a resilient security governance framework for mitigating risks. This is done by determining the teams, team leads and understanding the risks the organization faces. Also, all the frameworks and plans such as the disaster recovery plan, business continuity plan and crisis management plan must be integrated and must work hand in hand. Any data used for creating one of these plans must be shared to update the other plans proactively.
The significance of each major phase of continuity planning merits attention because each phase contributes to building all four areas of business continuity: disaster recovery, business recovery, business resumption, and contingency planning:
Disasters have become an inevitable part of businesses and organizations as well. They not only have a major effect on business and organizational continuity; they also result to an overhaul in organizational operational mechanisms (Awasthy, 2009). It is for this reason that many organizations and business resort to preparing business continuity plans and disaster recovery plans that will facilitate better disaster management in future. Effective disaster recovery plans are important to every business and organization (Thejendra, 2008).
Disaster recovery is the process of an organisation uses to recover access the data, and also hardware that are needed to recollect the performance to be in normal position after a disaster occurs. While disaster recovery plans have to be focus in every aspect in any organisation and bringing the gap closure after destruction it can be like data, hardware, or software have been lost and the manpower that composes much of any organisation.
Disaster Recovery Planning is the critical factor that can prevent headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost, effort and with maximum speed, and those organizations that cannot. By having back-up plans, not only for equipment and network recovery, but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve their recovery time and minimize the disrupted time for their normal business functions. Thus it is essential that disaster recovery plans are carefully laid
Owning a business can have many stressors day to day. When starting a business there is a lot of planning and preparation involved. Many small businesses are owners who have put their own money into the business and look at it as an investment. Unfortunately with all the planning that goes into starting a business, one thing is often over looked. Most of the time the “what ifs”, are not part of the planning stage. One reason for this is that people do not like to think of the bad things that could or may happen. So with all the time and planning put into starting a business why not put some extra thought into a plan B if a disaster strikes? This plan B could be a business continuity plan or a disaster recovery plan. Business continuity plans are an essential part of the modern day business. There are so many potential disasters for small businesses that could seize the production or even close the business down for good. A recent study from Gartner Inc., found that “90% of companies that experience data loss go out of business within two years. It also found that 80% of company owners have not thought about how they would keep their businesses up and running if a data disaster occurs.” According to the Association of Records Managers and Administrators, “about 60 percent of businesses that experience a major disaster such as a fire close
Contingency planners are now asserting that contingency planning is a value-added component that can be a competitive advantage in the marketplace as well a means of helping organizations save money. Processes that are deeply analyzed in terms of continuity will usually be more secure, and new ways of working may emerge to help streamline operations. Contingency planning can be useful when forging alliances with external organizations or during acquisition phases. Contingency planning should be part of an organization’s quality cycle as well. “Business continuity and disaster recovery have gained somewhat in the eyes of top corporate management since the start of the 1990s. As the industry has slowly evolved from what could almost have been called a ‘black art’ to something starting to resemble a disciplined science, basic business principles have begun to become increasingly relevant” (Rothstein, 2003, p. 1).