Following on from our post on Business Continuity, this blog looks at planning for disaster recovery.
While organisations should analyse critical and non-critical threats to their business continuity, planning for disaster recovery means considering your options in the worst-case scenario, even if you have done everything possible to eliminate critical service outages in your business activities. It is an admission that not all threats can be anticipated, but that you can still plan a range of effective responses to detect, prevent or react to critical threats to the organisation to reduce their impact.
What should be in the plan?
Your plan should specify your policy objectives: your mission (what you do), your continuity targets (service reliability targets, system uptime perhaps), and what you define as the levels of severity of an incident or service disruption that would trigger a disaster-recovery-level response across the organisation.
The plan should make key risk assessments of critical threats to service continuity, and provide plans to prevent, mitigate and respond to each threat.
The plan should be accessible; perhaps as both a centrally located physical and web-based staff handbook. It should specify the chain of command once disaster is declared, and the activation plans, teams, and key staff contacts needed to respond to events.
Particular attention should be paid to technical systems, security and provider support for these if systems are down; depending on your business, this might be alternative internet access; firewalls; phone systems; CCTV; backup generators; replicated live mirror servers; and what the provider response times are for these systems 24x7 if all or any of the above are down.
The handbook should also map out a chain of command during a disaster and provide sufficiently detailed procedures for various tasks to ensure that the Disaster Recovery Coordinator can delegate effectively once an incident is in play.
In our planning these have been grouped functionally; whether premises are out of commission due to flood, fire, earthquake, war, terrorist attack or vandalism will not affect our practical response, although the preventative measures possible will vary according to whether a threat is the result of a deliberate human action or a natural disaster.
Common areas to consider are people (continuity, availability, security); premises (main sites, backup facilities); technology (backups, security, servers, failover capabilities when systems fail, provider response times and contacts); power (generator and backup facilities). We say that we have redundancy in a system when we have a backup in place; we have a failover level of redundancy when, if one system fails, another automatically kicks in to provide service continuity.
Most businesses should also consider financial threats in disaster planning; that is, how you can insure or order your business to avoid catastrophic financial risk.
The pitfalls vary with your line of business. Professional indemnity insurance is essential for anyone making their living by giving professional advice. Landlords should take out landlord’s insurance, which will not only cover against a nominated loss of rent, but insure against malicious damage; if a tenant burns down a building, normal building insurance won’t cover you. If intellectual property is a key asset, you will need both security and confidentiality agreements in place to protect this, and perhaps patent or copyright protection as well. Organisations may be liable to large fines in some instances for failing to take action. Reliance on a few customers for most of your business could constitute a risk that could be reduced by having more customers in more than one major service sector. Considering how you might structure a major contract that might not be renewed is also something that you can plan for to reduce risks to your business.
Tests, incidents and the aftermath
The plan should be thought of as a continuous feedback loop, not unlike WHS planning, that comprises scheduled tests; detailed incident logs of problems encountered during live and test incidents, for review by management and reporting arising to the Board (or equivalent); and recommendations for procedural or policy changes or major investment decisions, for feedback into the plan.
You should be able to track new versions of the plan from the incident logs and deliberations that led to changes to the plan.
Often it is the small things that trip you up during a disaster, and working through the detail (in planning or the aftermath) will make your responses faster and smoother in any future crisis.