Many financial directors think of IT Disaster Recovery as something that never really happens to them and even if it did the business would be able to get back to business as usual inside a day or so. Assets are safeguarded, backups taken (usually), and unless you are forced to, having a plan and some good intentions are equally as good as having DR equipment sitting around doing nothing utilizing the earth's resources at great expense. This philosophy is green too!!!
Planning for a disaster is a smart move. You never know when disaster will strike, so it pays to be prepared for the worst. Your organization or business must put a disaster plan in place before a real disaster happens. Failure to do so will put your business in peril in the aftermath of disasters such as fire, floods, earthquakes, Data gets stolen, hardware fails or power outage for a long time. Moreover, it will be difficult to get your business back on its feet following a disaster.
The key to business continuity even in the face of disaster is to make sure that you design disaster plan that is useful and effective. So the first step in designing your disaster recovery system is to analyze the risks that you will most likely encounter. Make sure that you have conducted a thorough analysis on all your computer systems and jot down all the risks that could possibly injure system up time. You will then have to appraise how imminent these risks might be in particular to your company.
To create a full-fledged program for disaster recovery, we need to build up a proper road map for resources that should be pulled at the right time, and for the right purpose.
From my perspective, DRP (Disaster Recovery Plan) team is considered as key role in creating Disaster Recovery plan, build up the structure and workflow, and ensuring that all essential planning bases are covered for referred purpose
What's the Purpose of a DRP Team?
A "team approach" to disaster recovery planning
provides three (3) primary advantages:
+ It takes a team to identify comprehensive disaster recovery
requirements, sufficiently diverse and relevant to all key needs and
operational perspectives.
+ It takes a team to create an actionable disaster recovery
program, considering all operational capabilities and constraints.
+ It takes a team to put all the plans and programs into
action and keep current with changing needs.
Building your plan
The 3 major issues in building a disaster recovery plan are
recovery point, time to recovery, and budget.
Recovery Point
How much data can you lose? Is some data more important than
other data? What data is absolutely critical for the business to survive? Maybe
some email can be lost, but the blue prints or accounting information is
invaluable. Your recovery point is the definition of what the system needs to
look like once everything has been fixed.
Time to recovery
How long can the business be down? Can some parts of the
business be down longer than others? When does everything need to be back to
normal? Each business will answer this question differently, and this standard
will heavily influence the type of solution chosen.
Budget
If money were not object, every business would want their IT
up and running immediately and to the fullest extent possible after a disaster.
Of course, that probably isn't the case.
Budget falls into two categories. First, there is some cost
for preparing for the disaster. Developing a disaster recovery plan, setting up
the backup solution, and perhaps even buying redundant hardware all contribute
to this expense.
The second cost comes after the disaster has struck. This
might include the cost to buy new hardware, set up the network, and restore
from backup. Estimates for this cost should also be included in the plan.
Having a plan is worthless if the plan is too expensive to implement.
Whatever your disaster recovery plan looks like, remember to
print it out. If you only have an electronic copy and your server crashes,
you'll be starting from scratch.
IT Systems and Disaster Recovery
Because I already came from IT background so I would like to
focus in this part only as it has become very important for the smooth
functioning of the organization so it is very important that organization IT
infrastructure should be updated and running all the time.
As I mentioned above about the types of disasters, so there
are many things which can be lose during or after the disaster. This can be
anything which hinders the business process. This can be assets, records,
employees and suppliers etc. The loss of the information includes customer's
details and other internal data etc. There can be loss of access, use of
premises, computers etc can be happen at any time.
By considering the following steps a good plan can be made:
() By identifying the core elements of the company and
assigning values to the assets.
() By prioritize each area of work to the appropriate person.
() By defining and considering a plan according to the
customer's expectations.
() By communicating the strategy in the whole organization and
check whether the resources are prepared accordingly or not.
As the plan is ready and it has been tested and reviewed by
the committee, then management should approve it. The plan is like an insurance
confirming that the business can be run if a disaster happens. The
effectiveness and success of the plan depends on the way it is written,
implemented and how one can understands it. The plan should be reviewed
periodically and updated according to the need of the business process.
