Building an IT Business Continuity Plan

Don’t wait for a large or small disaster to occur to build your disaster recovery plan to ensure business continuity.

Be prepared.  Have a "Keep Working Plan."

The definition of a disaster could vary greatly from business to business. The loss of data on a single PC could have a disastrous effect on your business if you are not prepared for such an event. Having a clearly documented and tested business continuity plan is just as important as having the right disaster recovery technology. It’s crucial to develop the plan in advance and review it with your employees.

5 Steps to Create a Disaster Recovery Plan

So, what’s involved in developing a disaster recovery plan? Here are five important steps you should take to create a disaster recovery plan.

1. Identify business critical information and applications.

For example, does your firm perform Internet-based research? Do you have a plant manufacturing application that the majority of your employees use for day-to-day work processes? Is responding in a timely manner to customer email critical to your firm’s success? Is your firm hosting internally a web-based application for conducting customer transactions?

You should identify all business processes, assess what IT resources are involved in the process, and evaluate their importance in the process. Some processes will naturally bubble up as highly critical while others may be identified as less important to successful business operations. Be sure to examine the role of voice, data, fax and other technologies when evaluating your business processes.

2. Determine the impact of the loss of the information or applications on a temporary or extended period.

Be sure to cover a range of potential disasters, from a large-scale outage to a single user or workstation failure. At the same time, evaluate the likelihood of various types of “disaster” scenarios. A certain amount of failures occur as a result of older technology or changing technology. Plan for it.

Could your company work effectively without access to its application data for 1, 2 or more days? What if your work site was inaccessible due to winter storms, could selected employees work effectively from home or remote locations?

3. Evaluate backup, redundancy and remote access options for disaster recovery strategies.

Research and evaluate the most practical solutions. Potential options should be dictated by the priorities identified in steps 1 and 2. For example, do you have backup email services if your internal email server is down? Where is your critical information stored? How is it backed up and how often? Have the backups been verified or tested? Are they available off-site should you be unable to access your work site?

Develop a budget for all equipment and services required to carry out each strategy. Typically, complexity and cost increase as the acceptable amount of downtime decreases. Don’t fall into the money pit of trying to guarantee 100 percent uptime for every IT resource.

Tip: This would be an ideal time to conduct a detailed inventory of all IT resources. Collect as much information as is feasible. Physical details, such as make, model, serial number, and purchase date, will be important for filing insurance claims. Configuration information is important to design redundancy into your business and to prepare for any potential replacements. It’s important to keep the inventory current; so specify the documents’ creation and revision dates. Pay attention to the human aspect of your business, and be sure to include contact information for all users, vendors and service providers.

4. Develop a comprehensive written plan and implement measures that meet your business requirements in a cost-effective manner.

The plan must contain procedures for before, during and after a disaster. Take the time to implement the strategies selected from Step 3 above and develop procedures to test them. Be sure to include a process for ensuring that the disaster recovery plan is maintained and updated as your business changes and grows.

5. Periodically test your disaster recovery plan.

What good is your plan, if you don’t know if it will work? It is important to test and evaluate your plan on a regular basis, preferably at least once annually. Be sure to train your employees on what to do in the event of a small or large disaster. Update your plan to correct any problems that may be uncovered during testing and training.

Dealing with disasters, large or small, is never easy. However, by preparing now, your business can reduce or entirely eliminate the impact of a disaster, ensuring consistent delivery of product and services for your customers.

Quick Tips

  • Use a backup plan that includes secure off-site storage.
  • Centralize and organize all of the vital software for the organization in a secure off-site location. Make sure to include any upgrade packages that you may have installed.
  • Document all of the important passwords for the organization. These may include some of the following: ISP, network, voicemail, domain name and hosting, email, database, and other web passwords.
  • Document the network structure, including upgrades to any software or the server.

Need Help Pulling It All Together

Complete the form below for information on business continuity software that helps smooth the way.







circles_bottom