Tri-Paragon Inc. 130 King Street West, Suite 1800, P.O. Box 427, Toronto, ON Canada M5X 1E3
Phone: 416.865.3392 Email: firstname.lastname@example.org
(The science of performance)
“If you think it is expensive to hire a professional to do the job, wait until you hire an amateur” Red Adair
How effective are your Business Continuity and Disaster Recovery Plans???
Disaster Recovery is the process an organization uses to recover access to their software, data, hardware, and/or processes that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster, or a disaster caused by humans, cyber-attacks, or an unexpected outage of a service or component of a business preventing the business from providing service to their customers as expected.
While Disaster Recovery plans, or DRPs, often focus on bridging the gap where data, software, hardware and/or business processes have been interrupted, one cannot forget the vital element of staffing that composes much of any organization. A building fire might predominantly affect vital data storage; whereas an epidemic illness is more likely to have an effect on staffing.
All types of disasters and risks need to be considered when creating a DR Plan. Thus, organizations should include in their disaster recovery procedures contingencies for how they will cope with the sudden and/or unexpected loss of key personnel as well as how to recover their data and knowledge.
The Tri-Paragon Inc. Business Continuity & Disaster Recovery (TPI BC & DR) assessment team has actually experienced performing recovery from numerous disasters including floods, earthquakes and fires in addition to critical application outages.
Without an adequate Business Continuance and Disaster Recovery plan, statistics have shown that an organization experiencing a major outage typically goes out of business 9 times out of 10. The TPI BC & DR assessment focuses on the effectiveness of the plans, the frequency of their validations, how they are maintained, and their currency for each business risk identified.
Outages of critical applications can severely damage a company’s credibility and reputation and can also cause significant customer loss. Critical application outage risks have to be assessed separately and their outage impacts quantified accordingly.
Similarly, if an individual is unavailable that is critical to the delivery of a service by the business – can that service still be delivered and what is the potential impact to the business? In all cases any risk which can cause serious harm to the business must have mitigation plans which can be immediately implemented. Without them the business is at serious risk.
The Business Continuity plan should include:
- Identification of the risks associated with various types of business interruptions that may occur,
- Potential for the risk to occur,
- Business impacts if it did occur, and
- Planned mitigation approach.
This planning process is based on a risk management methodology. The TPI Team works closely with the customer’s assigned representative in a workshop environment to assist in performing the assessment.
The assessment of the Business Continuance and Disaster Recovery plan is focused on the business. The assessment results in a comprehensive report identifying:
- Gaps in the recovery processes,
- Costs and impacts should an interruption occur, and
- Steps required to mitigate.
Each application, business process and key personnel are assessed separately and a business process risk profile is created so the company can better understand its risks of individual business interruptions and impacts they may have on the overall functioning and success of the business.
The following components of the Business Continuity and Disaster Recovery Plans are assessed for risk and impact and identified in the final report:
- Key Objectives (goal of plan, reasons and resources)
- Business Impact Analysis and Risk Assessment by Component
- Mitigation Strategies for critical business components (those with the greatest business impact)
- Communication Plan by component outage
- Component Test Plan and recommended frequency
- BC & DR (aka BCDR) Maintenance (when and how to maintain plan)
For free copy of the Business Impact Analysis and Risk Assessment Worksheet – please press the button below: