Disaster: it could be as small as deleting a critical file or as big as the natural disasters that have been striking with more intensity in the past few years. Any way you look at it, disaster will strike eventually, in some form, leaving you with a problem to solve. It’s important to have a plan for when something happens. Do you?

Most companies have at least basic protection from emergencies and disasters in place. The most common forms of protection are insurance, server and computer backup, and basic preparations as required by law. While these protective measures are considered adequate for most companies, there is still a chance a disaster will strike, leaving your company in the lurch.

In the recent months and years an increasing number of occurrences, such as the earthquake in Japan and flooding in Thailand, have caused widespread disruption to businesses. To counter this, two business initiatives have risen to the forefront: Disaster Recovery (DR) and Business Continuity Planning (BCP). In fact, these two terms have become common buzzwords, a quick internet search returns over 53 million hits on business continuity alone. The problem is that many professionals are unclear on what each really is. It’s important to be clear on each topic and the basic steps to take to be prepared for any disaster.

What is a Business Continuity Plan (BCP)?
BCP, first seen during the Y2K scare of the late 90s, is a plan that covers the way an organization prepares for and maintains all critical business functions. BC planning is comprised of activities that ensure maintenance, stability, and recoverability of service before, during, and after a disaster. The plan is typically set up on a day-to-day basis, and covers the whole organization.

It’s important to have a BCP for your organization because if something happens and you can’t deliver to your customers, they will go to another company.

What is Disaster Recovery?
Disaster Recovery is considered a part of the overall continuity plan that focuses on the technical side of the business, including components such as data backup and recovery. Think of BCP as an umbrella and DR is under the umbrella — if you don’t have a disaster recovery plan, the overall umbrella is more or less useless.

What Should be in Your DR and BCP Plans?
These plans both share a number of similarities, generally following the same steps involving the same elements. Both plans should include:

  1. An operational plan for a number of disasters that could happen in your geographical area. The plans should cover occurrences as small as computer hardware errors and as large as massive natural disasters.
  2. A succession plan for you or your top management.
  3. Training for substitute employees on important tasks.
  4. Cross training of your employees on the basics of different roles so they will be able to take over if need be.
  5. A communication plan focused on different crises, including ways of communicating if networks are down.
  6. Off-site meeting places for staff and managers.
  7. A focus on safety. Foster partnerships and communication with local and emergency response services: Fire, Police, National Guard, Search and Rescue. Ideally, all employees should at least know basic first aid. If you have employees who are volunteer members of local Emergency Response Services, ask them to be responsible for teams.
  8. Daily plans to backup your Enterprise systems, along with training and testing of recovery of systems.
  9. Training and testing of all employees to practice recovery activities in situations as realistic as possible.

It’s important that you conduct regular tests of your systems and processes, and make changes as needed. Be aware that your business is always changing and so should your Business Continuity and Disaster Recover Plans.

With a carefully prepared and practiced plan, your business should be ready to face a variety of disasters with minimal downtime. If you would like to know more about Business Continuity and Disaster Recovery please contact us.

Published with permission from TechAdvisory.org. Source.