Business Continuity Plan

4. What is the main difference between a Disaster Recovery Plan (DRP) and a Business Continuity Plan

Disaster Recovery team had previously prepared Disaster preparedness plan, a Backup and Recovery Policy, and a Business Impact Assessment.

Presentation regarding the university’s Disaster Recovery Plan/Enterprise Continuity Plan including: basic structures; roles within the DRP/ECP plan; areas within a company if addressed improve resilience to catastrophic events, and an employee awareness campaign.

Business Continuity and Disaster Recovery (BCDR or BC/DR) are closely related practices that describe an organization's preparation for unforeseen risks to continued operations. The trend of combining business continuity and disaster recovery into a single term has resulted from a growing recognition that both business executives and technology executives need to be collaborating closely instead of developing plans in isolation.

The five methods of testing a disaster recovery plan are providing a walk-through, setting up simulations, having checklists, parallel testing, and making a full interruption test. The walk-through helps test the plan by finding things more important or irrelevant that can be added or omitted from the plan. Simulations provide practice sessions of what a disaster would or could do to a business. Simulations also show the plan when it is put into effect. Checklists provide a list that each department uses to check off tasks completed. Parallel testing is a clone system that runs with the main system until the main system is ready to come back online. Full interruption will stop the production systems fully and start them back up to see the programs work or fail.

The plans devised by each team can be tested. It may not be possible to test all sessions at one time. Facilities can have planned drills in which they evacuate buildings. IT can test their back up servers by accessing files at random times. It’s recommended that IT does this frequently as even one lost day of data could do harm to the company. Employees should be able to go through the motions of a disaster day. Everything from calling into a line and making sure they understand instructions for new meeting locations to being able to work from a remote computer should be covered. The warehouse and create a strategy to obtain new transportation and new storage facilities should theirs be destroyed. It’s better to practice and understand the plan before any incidents occur than to try to piece it together in the middle of chaos.

Thank you for your response. Whenever a crisis hits an organization, not even the best business insurance can fully compensate for the loss. So after the horrific events of 911, human resource and risk management departments (Washington DC adjacent companies) acknowledged the need for continuity /disaster recovery plans. In many cases, insurance carriers required a written continuity /disaster recovery plan on file for continued coverage.

First, Incident Response (IR) plan “is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.” (Whitman, 2013, p. 85). Consequently, Incident response planning (IRP) is the planning for an incident, which occurs when an attack affects information systems causing disruptions. On the other hand, Disaster Recovery (DR) plan “entails the preparation for and recovery from a disaster, whether natural or human-made.” (Whitman, 2013, p. 97). For instance, events categorized as disasters include fire, flood, storm or earthquake. Thus, the differences between an Incident Response (IR) plan and a Disaster Recovery (DR)

An organization must create a resilient security governance framework for mitigating risks. This is done by determining the teams, team leads and understanding the risks the organization faces. Also, all the frameworks and plans such as the disaster recovery plan, business continuity plan and crisis management plan must be integrated and must work hand in hand. Any data used for creating one of these plans must be shared to update the other plans proactively.

The significance of each major phase of continuity planning merits attention because each phase contributes to building all four areas of business continuity: disaster recovery, business recovery, business resumption, and contingency planning:

Disasters have become an inevitable part of businesses and organizations as well. They not only have a major effect on business and organizational continuity; they also result to an overhaul in organizational operational mechanisms (Awasthy, 2009). It is for this reason that many organizations and business resort to preparing business continuity plans and disaster recovery plans that will facilitate better disaster management in future. Effective disaster recovery plans are important to every business and organization (Thejendra, 2008).

Disaster recovery is the process of an organisation uses to recover access the data, and also hardware that are needed to recollect the performance to be in normal position after a disaster occurs. While disaster recovery plans have to be focus in every aspect in any organisation and bringing the gap closure after destruction it can be like data, hardware, or software have been lost and the manpower that composes much of any organisation.

Disaster Recovery Planning is the critical factor that can prevent headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost, effort and with maximum speed, and those organizations that cannot. By having back-up plans, not only for equipment and network recovery, but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve their recovery time and minimize the disrupted time for their normal business functions. Thus it is essential that disaster recovery plans are carefully laid

Owning a business can have many stressors day to day. When starting a business there is a lot of planning and preparation involved. Many small businesses are owners who have put their own money into the business and look at it as an investment. Unfortunately with all the planning that goes into starting a business, one thing is often over looked. Most of the time the “what ifs”, are not part of the planning stage. One reason for this is that people do not like to think of the bad things that could or may happen. So with all the time and planning put into starting a business why not put some extra thought into a plan B if a disaster strikes? This plan B could be a business continuity plan or a disaster recovery plan. Business continuity plans are an essential part of the modern day business. There are so many potential disasters for small businesses that could seize the production or even close the business down for good. A recent study from Gartner Inc., found that “90% of companies that experience data loss go out of business within two years. It also found that 80% of company owners have not thought about how they would keep their businesses up and running if a data disaster occurs.” According to the Association of Records Managers and Administrators, “about 60 percent of businesses that experience a major disaster such as a fire close

Contingency planners are now asserting that contingency planning is a value-added component that can be a competitive advantage in the marketplace as well a means of helping organizations save money. Processes that are deeply analyzed in terms of continuity will usually be more secure, and new ways of working may emerge to help streamline operations. Contingency planning can be useful when forging alliances with external organizations or during acquisition phases. Contingency planning should be part of an organization’s quality cycle as well. “Business continuity and disaster recovery have gained somewhat in the eyes of top corporate management since the start of the 1990s. As the industry has slowly evolved from what could almost have been called a ‘black art’ to something starting to resemble a disciplined science, basic business principles have begun to become increasingly relevant” (Rothstein, 2003, p. 1).