Continuity Management / Disaster Recovery / Business Continuity
Continuity management is the process by which plans are put in place and managed to ensure that IT Services can recover and continue should a serious incident occur. It is not just about reactive measures, but also about proactive measures - reducing the risk of a disaster in the first instance.
Continuity management is so important that many organizations will not do business with IT service providers if contingency planning is not practiced within the service provider’s organization. It is also a fact that many organizations that have been involved in a disaster where their contingency plan failed, ceased trading within 18 months following the disaster.
Continuity management is regarded as the recovery of the IT infrastructure used to deliver IT Services, but many businesses these days practice the much further reaching process of Business Continuity Planning (BCP), to ensure that the whole end-to-end business process can continue should a serious incident occur.
Continuity management involves the following basic steps:
- Prioritizing the businesses to be recovered by conducting a Business Impact Analysis (BIA).
- Performing a Risk Assessment (aka Risk Analysis) for each of the IT Services to identify the assets, threats, vulnerabilities and countermeasures for each service.
- Evaluating the options for recovery.
- Producing the Contingency Plan.
- Testing, reviewing, and revising the plan on a regular basis.
A number of methods exist which offer guidance upon the topic of continuity management and contingency planning.
Business continuity plan
A disaster recovery or business continuity plan is ESSENTIAL to protect the well being of any organization. Although this cannot really be over emphasized, so many organizations still side step the issue, or have plans which are out of date or just unworkable.
There are a number of reasons for this, including complexity, and of course the fact that some vendors sell planning products which are themselves very difficult to manage. The recent trend though is to seek simplicity and good productivity in the planning process: to create the plan directly using a quality template and good supporting guides and forms, which our experience at V3iT will be able to adequately service.
Policies underpin an organizations whole approach to business continuity. They determine the fundamental practices and culture throughout the enterprise with respect to disaster recovery.
A comprehensive (and ISO 17799 compliant) set of pre-written disaster recovery and information security policies are now available and can be provided to you on request.
A sound disaster recovery / business continuity plan is essential to protect the well being of an organization. This cannot really be over emphasized... yet many enterprises still side step the issue or hold plans which are clearly out of date or inadequate.
Part of the reason for this is the complexity of the task. This is not helped by some vendors selling planning products which are themselves extremely difficult to master.
There is now, however, a growing trend to address this head on: to use a quality disaster recovery template with forms and guide to create the plan directly. Minimum fuss, minumum complexity, maximum productivity... and a top quality plan at the end.