No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Disaster Recovery Planning: Never Finished

DisasterRecovery-AdobeStock_243164407.jpg

backup button
Image: Sikov - stock.adobe.com
As a longstanding best practice, you plan for disaster, be that a power outage, security attack, software failure or any other unexpected event. In your recovery plan you must balance what you can imagine will happen and what you can afford, and then you need to present the plans and budgets to a non-technical audience.
 
As you put together your plan, one consideration should be what customers would see as a result of an outage. Consider, for example, if your unified communications and collaboration systems are affected and your employees can’t reach out to business partners or customers or if your contact center malfunctions or fails. Your public reputation will be impacted and the users and customers will become hesitant to work with your organization. If the contact center is knocked offline, once a problem occurs, customers won’t be as amenable to use your products or services. Even after your recovery, your company will incur marketing costs associated with trying to regain customer trust.
 
You should consider performing a business impact analysis (BIA) to assess the impact a disruption may have on operational functions. The first step is to identify which business processes absolutely must be performed. For example:
  • A retailer must be able to deliver products and collect payments
  • A restaurant or fast food outlet needs to be able to satisfy orders and receive payment
  • A financial institution must be able to allow customers to enter and process transactions in a timely and safe manner
  • A distribution facility must be able to accept orders, ship products, and track delivery
 
When satisfying these goals, you need to:
  • Identify core business services for which a disruption would cause financial and reputational harm
  • Evaluate, classify, and prioritize the risks if an interruption occurs
  • Invest the time, effort, and budget to address the risks with the understanding that you can’t afford to deal with all the possible risks
  • Test your recovery plan to ensure that the investment delivers expected results
 
Delivering Recovery
You need to ask many questions as you plan for a business interruption:
  • What failures have occurred in the past and what measures have been taken to mitigate them?
  • How has disaster recovery been budgeted in the past?
  • Are there single points of failure internally and externally to your business?
  • Are your operations dependent on a single source, vendor, service, or specific individuals that can hamper the recovery?
  • Do you have redundant facilities and locations with timely backup software and data?
  • Is this data replicated and how frequently?
 
Presenting Your Disaster Recovery Plan
Remember that you’re the technologist presenting technology solutions to various business units. You need to understand the business’s disaster recovery goals and how they’re prioritized. Appeal to their business sense. Don’t focus on products but rather on the challenges and solutions. Don’t try to scare them with fear, uncertainty, and doubt to make your points.
 
Don’t overstate your objectives. Be conservative. It’s better to exceed the goals than to not meet them. Expect that disaster recovery is not a topic that C-level executives often discuss, so be concise in the presentation. C-level executives have many other business subjects to consider.
 
Prepare in advance. Executives will ask:
  • What is the business impact of various types of interruptions and outages?
  • What is the budget for the disaster recovery investment and what will it mitigate from a business perspective?
  • How long would the systems and services take to recover and restore from an interruption?
  • Do the recovery solutions align with customer expectations?
  • Is there enough investment to sufficiently manage the business continuity risks?
  • How will the disaster recovery plan be tested and how will the business be impacted during the test?

Recommended Reading: