Disaster Recovery Planning (Business Continuity)
"For most organisations,a disaster or crisis isn't unexpected, simply unplanned - the key to survival is having a plan and knowing it works because you have tested it."
Businesses today rely heavily on their Information and Communication Technology (ICT) networks but do not always take adequate steps to safeguard them. System crashes, data corruption and other problems can have disastrous consequences - and could even cause a business to fail completely.
To anticipate potential problems, and to minimise the damage caused by them, you will need to set up and implement an effective disaster prevention and recovery strategy. In many ways your business can be imagined as a 'house of cards' with each card being a critical business function or process. Which cards would cause the whole structure to collapse if removed? These are the critical processes you must protect.
At Greencorn Limited, we actively encourage our clients to put in place a formal Business Continuity Plan and assist them in the formulation, implementation and management of their ICT strategy. Normally requested in the first instance to assist with the development and implementation of a data backup solution our engagement is often extended to encompass a wider review of the disaster prevention and recovery strategy for a client's ICT system as a whole.
Our approach to such an engagement is based round the following basic methodology:
- Assessment
- Contingency Planning
- Ongoing Review and Testing
Assessing the risks - the amount of time and money you spend on disaster prevention will depend on what you use your system for, and the specific risks it faces. We conduct a systematic risk assessment to work out the most suitable approach.
We review
- the importance of your business processes
- the value of the data you hold.
- analyse the potential impact of ICT problems
- identify specific risks faced by your system
- steps required to minimise these risks.
Assessing system reliability - we look at the reliability and simplicity of your computer hardware and software and the availability of support.
Assessing system setup - we review the design and set up of your network with disaster prevention in mind. We look at software configuration and filing structure.
Assessing maintenance provisions - we review computer hygiene procedures, software and hardware update procedures and the performance of regular health checks.
Assessing ICT procedures - we assess the availability of suitably trained employees to use the systems correctly, the availability of the appropriate security procedures and general ICT policy. We look to ensure that the defined procedures are regularly reviewed and documented.
Assessing backup provisions - we review the procedures for business critical data backup, power availability and hardware redundancy provisions.
Based on the findings of our risk assessments we attempt to pre-empt potential problems.
We work with our clients in the development of a formal documented contingency plan. As part of a wider 'business continuity' plan which covers all types of risks, our resulting proposals should ensure the minimisation of disruption in the event of a serious ICT system failure. Employees should know what to do in the event of a problem and how to cope. Original software, replacement hardware and business critical data should be readily available. Clients should have confidence that their ICT systems can, in the event of a disaster, be returned to operational status within an acceptable and predetermined timeframe.
As a client's ICT system evolves we closely monitor, through ongoing engagement, the provisions of these procedures to ensure their continuing relevance to the business and where deemed appropriate undertake the testing of accordingly.
