“Business continuity planning is the process of ensuring that your organization can continue doing business even when its normal facilities or place of business is unavailable” (Peltier, 2014). This statement should hold true for any business wishing to compete in today’s market and apply to more than just natural disasters. Although natural disasters should remain an integral part of any continuity plan and recovery model, other man-made disasters, such as computer viruses and physical security should be considered.
Key factors of the business continuity/disaster recovery plans are designed to ensure that the three principles of information security remain intact even if there is some kind of a disaster or service interruption. Perhaps the greatest of there is the area of “availability”. This is especially true when one considers what the VPN means to being able to communicate electronically in the midst of a crisis. One must remember that in normal operations information security is important and in times of distress it is that more imperative. This at times will prove to be challenging to say the least. However, the business continuity plan as well as the disaster recovery plan must spell out how the services of the affected area(s) will
“Disaster is an occurrence that disrupts the functioning of the organization resulting in loss of data, loss of personnel, loss of business or loss of time” (Hiatt, 2000). In this case, we are focusing mainly on natural disasters. This makes our focus shift towards the destruction of physical resources more than other types of crises. Before starting the plan, we should be able to secure the necessary support and resources from top management for the plan to be carried out, have a plan development team and have a disaster recovery coordinator (Hiatt, 2000). All companies, especially ones located within areas prone to natural disaster should allocate budget and effort towards disaster preparedness. If the company has special IT personels that are familiar with the matters, it is best. Otherwise, the plan development team should contain members that know about the business network system as well as the company’s operation. These are the necessary steps before making the actual
Additionally, the plan should include detailed information on the key functions and resources the company needs to get operating as quickly as possible. Furthermore, it needs to list the roles of the individuals once the crisis occurs and the plan is implemented. Ensure that all employees know what their duties will be and are trained efficiently to complete tasks. Making the most of the first hour after an emergency is critical in reducing the impact. In addition, a plan in the form of a checklist is beneficial to make sure that everything is being completed. Also, make sure that contact details are listed in the plan for emergency services, customers, suppliers, utility company, and other businesses in the area. The organization needs to plan how to deal with the media as well, and appoint a single company spokesperson. Finally, do not just have one copy of the plan, have hard copies of the business continuity plan at the homes of the key staff members, just in case the plan needs to be implemented from home or if a tragedy destroys the copy at work. Having other copied ensures that the plan is still able to be followed ("Crisis management and business continuity planning", 2009). Definitely, a strategic plan on how the business recovers from a crisis should be a requirement at all companies, although I am sure that will never happen, I am going to start on a plan for the organization where I am
The first step towards creating a serious BCP is to identify the potential disasters one by one and determining what the potential impact might be on your business. In order to generate a professional and sound BCP, you have to understand the degree of the potential loss, which could occur. Some of the factors you
While these situations are not entirely avoidable, an organization’s ability to recover from such setbacks largely depends on how much energy has been invested into identifying and mitigating risk through the use of a well-established business continuity plan. Lindros and Tittel (2013) explain that business continuity refers to maintaining business functions, or quickly recovering such functions in the event of a major disruption, and the lack of planning doesn’t just mean an organization will take longer to recover, but may never recover at all. The first step to developing an effective continuity plan is a thorough planning process in which an organization establishes
First, Incident Response (IR) plan “is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.” (Whitman, 2013, p. 85). Consequently, Incident response planning (IRP) is the planning for an incident, which occurs when an attack affects information systems causing disruptions. On the other hand, Disaster Recovery (DR) plan “entails the preparation for and recovery from a disaster, whether natural or human-made.” (Whitman, 2013, p. 97). For instance, events categorized as disasters include fire, flood, storm or earthquake. Thus, the differences between an Incident Response (IR) plan and a Disaster Recovery (DR)
Continuity planning is very important because it will help ensure that our Constitution is maintained during all types of disasters or incidents (Bush, 2007). That is why the Federal Government has established eight National Essential Functions (NEFs) that must be maintained at all times and the purpose of the NEFs is to allow the Government to be able to function under the Constitution at all times, no matter what circumstances or emergencies are occurring (Homeland Security Council, 2007). The first one of the eight NEFs is to ensure that the Government is able to maintain and ready to activate effective Continuity of Operations Plans (COOPs) whenever an incident or emergency occurs (Homeland Security Council, 2007).
During a disaster or emergency, the company must maintain normal operations required to address time-sensitive, disaster-specific issues. No plan can anticipate addressing all the human, operational and regulatory issues raised during a disaster or emergency.
The business continuity & disaster recovery is written into the policy to ensure each department knows and has a plan in case of an unexpected event such as a fire, vandalism, and natural disaster that would disrupt normal business. This part of the plan also states that data administrators are the ones responsible to implement procedures for critical backup of data and how long the recovery time would be which is set by the data stewards and other stockholders.
A BCP should cover all of the things that could cease regular business operation. Once that has been establish, then we will need to determine what is required for continue operation during a disaster. Then who are the key personnel and what their job will be in support of the continue operation. Identify the key equipment, storage data area and the secondary location at least 30-50 miles away from your primary position.
Disaster Recovery Planning is the critical factor that can prevent headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost, effort and with maximum speed, and those organizations that cannot. By having back-up plans, not only for equipment and network recovery, but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve their recovery time and minimize the disrupted time for their normal business functions. Thus it is essential that disaster recovery plans are carefully laid
Disasters have become an inevitable part of businesses and organizations as well. They not only have a major effect on business and organizational continuity; they also result to an overhaul in organizational operational mechanisms (Awasthy, 2009). It is for this reason that many organizations and business resort to preparing business continuity plans and disaster recovery plans that will facilitate better disaster management in future. Effective disaster recovery plans are important to every business and organization (Thejendra, 2008).
Disaster recovery plan (DRP) is a clearly defined and documented plan of action for use at the time of a crisis. Typically a plan will cover all the key personnel, resources, services and actions required to implement and manage the DR process (comission, 2014).
In this study, the fields of emergency management, business continuity, strategic planning and scenario futuring were critically analyzed with a goal of developing an integrated strategic contingency planning model. This model will assist organizations in bringing their contingency planning program to a strategic level. Contingency planning can be fully integrated with day-to-day business processes if a new mindset is promulgated in the organization. Contingency planning no longer needs to be an isolated, specialized