This paper discusses an approach for creating a good disaster recovery plan for a business enterprise. The process of preparing a disaster recovery plan begins by identifying these causes and effects, analyzing their likelihood and severity, and ranking them in terms of their business priority.
When a disaster strikes, the normal operations of the enterprise are suspended and replaced with operations spelled out in the disaster recovery plan.
The disaster recovery plan does not stop at defining the resources or processes that need to be in place to recover from a disaster. The second section of this paper explains the methods and procedures involved in the disaster recovery planning process. The first step in planning recovery from unexpected disasters is to identify the threats or risks that can bring about disasters by doing risk analysis covering threats to business continuity.
Human caused: These disasters include acts of terrorism, sabotage, virus attacks, operations mistakes, crimes, and so on.
Supplier: These risks are tied to the capacity of suppliers to maintain their level of services in a disaster. Water: There are certain disaster scenarios where water outages must be considered very seriously, for instance the impact of a water cutoff on computer cooling systems. Data systems risks are those related to the use of shared infrastructure, such as networks, file servers, and software applications that could impact multiple departments. Once the disaster risks have been assessed and the decision has been made to cover the most critical risks, the next step is to determine and list the likely effects of each of the disasters.
Simple "one cause multiple effects" diagrams (Figure 3) can be used as tools for specifying the effects of each of the disasters. The intention of this exercise is to produce a list of entities affected by failure due to disasters, which need to be addressed by the disaster recovery plan. It may be noticed that two or more disasters may affect the same entities, and it can be determined which entities are affected most often. Once the list of entities that possibly fail due to various types of disasters is prepared, the next step is to determine what is the downtime tolerance limit for each of the entities. The cost of downtime is the main key to calculate the investment needed in a disaster recovery plan. How the disaster affected entities depend upon each other is crucial information for preparing the recovery sequence in the disaster recovery plan.
Once the list of affected entities is prepared and each entity's business criticality and failure tendency is assessed, it is time to analyze various recovery methods available for each entity and determine the best suitable recovery method for each. In the case of data systems, for example, the recovery mechanism usually involves having the critical data systems replicated somewhere else in the network and putting them online with the latest backed up data available. Considering multiple options and variations of disaster recovery mechanisms available, it is necessary to carefully evaluate the best suitable recovery mechanism for an affected entity in a particular organization. The roles, responsibilities, and reporting hierarchy of different committee members should be clearly defined both during normal operations and in the case of a disaster emergency.
Note that not all the members of the Disaster Recovery Committee may actively participate in the actual disaster recovery. Quick and precise detection of a disaster event and having an appropriate communication plan are the key for reducing the effects of the incoming emergency; in some cases it may give enough time to allow system personnel to implement actions gracefully, thus reducing the impact of the disaster. In most organizations, Disaster Recovery Planning is the quintessential complex, unfamiliar task. All Business Continuity Disaster Recovery Planning efforts need to encompass how employees will communicate, where they will go and how they will keep doing their jobs. But the critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other.
The Disaster Recovery Plan (DRP) is that tool which can be used as a Disaster Planning Template for any size of enterprise. The Disaster Planning Template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant. Preparation for Disaster Recovery and Business Continuity in light of SOX has two primary parts.


Disaster Recovery Business Continuity Template (WORD) - comes with the latest electronic forms and is fully compliant with all mandated US, EU, and ISO requirements. Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Work Plan to modify and implement the template. Included is a list of deliverables for each task. Click on the link below to get the Disaster Planning and Business Continuity Planning Template full table of contents and selected sample pages now and make it part of your Disaster Recovery Planning toolkit. The original mandate of the HPC was confined to the preparation of management plans for natural disasters only. If your plan is up-to-date, you deserve kudos because you are among a too-small-percentage who have taken action to prepare for disasters. You can use this Business Continuity Plan Template (48 page Word, 12 Excel spreadsheets, with its free Business Impact Analysis, and Damage Assessment Report templates to recover quickly and effectively from an unforeseen disaster or emergency.
For small, medium, and large businesses, it is critical to provide high availability of data for both customers and employees.
For a natural disaster or the unexpected, this three-day emergency kit, pre-packed backpack is all you need. Every adult should be aware of the potential disasters where they live and also have plans in place to deal with them, but senior citizens in particular can be more vulnerable and may need more help planning. Though both concepts are related to business continuity, high availability is about providing undisrupted continuity of operations whereas disaster recovery involves some amount of downtime, typically measured in days.
Only when these are assessed and the affected systems are identified can a recovery process begin. An effective disaster recovery plan plays its role in all stages of the operations as depicted above, and it is continuously improved by disaster recovery mock drills and feedback capture processes. The effects of a disaster that strikes the entire enterprise are different from the effects of a disaster affecting a specific area, office, or utility within the company. At the end of this phase, recovery staff will be ready to execute contingency actions to restore system functions on a temporary basis.
Recovery from this type of failure may be lengthy and expensive due to the need to replace or update software and equipment and retrain personnel. Procedures should contain the process to alert recovery personnel during business and nonbusiness hours. At the earliest possible time, the disaster recovery process must be decommissioned and the business should return to normalcy.
After the disaster detection, a notification should be sent to the damage assessment team, so that they can assess the real damage occurred and implement subsequent actions. The best strategy is to have some kind of disaster recovery plan in place, to return to normal after the disaster has struck. The ultimate results are a formal assessment of risk, a disaster recovery plan that includes all available recovery mechanisms, and a formalized Disaster Recovery Committee that has responsibility for rehearsing, carrying out, and improving the disaster recovery plan.
Figure 1 depicts the cycle of stages that lead through a disaster back to a state of normalcy. The plan should also define how to restore operations to a normal state once the disaster's effects are mitigated.
A key factor in evaluating risks associated with telephone systems is to study the telephone architecture and determine if any additional infrastructure is required to mitigate the risk of losing the entire telecommunication service during a disaster.
A key objective in analyzing these risks is to identify all single points of failure within the data systems architecture. The likelihood that something happens should be considered in a long plan period, such as 5 years.
A higher value would mean longer restoration time hence the priority of having a Disaster Recovery mechanism for this risk is higher.
In Figure 3, the entities that fail due to the earthquake disaster are office facility, power system, operations staff, data systems, and telephone system.


This information becomes crucial for preparing the recovery sequence in the disaster recovery plan. For example, having the data systems restored has a dependency on the restoration of power. For less critical data systems, there may be an option to have spare server hardware, and if required these servers could be configured with the required application. This committee should have representation from all the different company agencies with a role in the disaster recovery process, typically management, finance, IT (multiple technology leads), electrical department, security department, human resources, vendor management, and so on. During a disaster, this committee ensures that there is proper coordination between different agencies and that the recovery processes are executed successfully and in proper sequence.
Execution Phase: In this phase, the actual procedures to recover each of the disaster affected entities are executed. A hurricane affecting a specific geographic area, or a virus spread expected on a certain date are examples of disasters with advance notice. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. For an enterprise, a disaster means abrupt disruption of all or part of its business operations, which may directly result in revenue loss. The entities with less downtime tolerance limit should be assigned higher priorities for recovery. To minimize disaster losses, it is very important to have a good disaster recovery plan for every business subsystem and operation within an enterprise. Nowadays most of the meteorological threats can be forecasted, hence the chances to mitigate effects of some natural disasters are considerable.
Effects of disasters range from small interruptions to total business shutdown for days or months, even fatal damage to the business. The disaster recovery system cannot replace the normal working system forever, but only supports it for a short period of time. Finally, ongoing procedures for testing and improving the effectiveness of the disaster recovery system are part of a good disaster recovery plan.
And the fourth section explains what information the disaster recovery plan should contain and how to maintain the disaster recovery plan. To mitigate the risk of disruption of business operations, a recovery solution should involve disaster recovery facilities in a location away from the affected area. Depending on the data system, there may be options of autorecovery or manual recovery, and the cost and recovery time factors of each mechanism vary.
What's more, the myriad interconnected data, application and other resources that must be recovered after a disaster make recovery an exceptionally difficult and error-prone effort.
For some businesses, issues such as supply chain logistics are most crucial and are the focus on the plan. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the Disaster Recovery and Business Continuity Plan exists and appropriately protects the data and assets of the enterprise.. Even if you have never built a Disaster Recovery plan before, you can achieve great results. For others, information technology may play a more pivotal role, and the Business Continuity Disaster Recovery Plan may have more of a focus on systems recovery. Just follow the DR Template that Janco has created and you will have a functioning plan before you know it.



Disaster food stamps baton rouge 2015
Recovery of natural disaster


Comments

  1. 24.12.2013 at 13:17:18


    Lifting weights whilst standing on unstable surfaces like wobble.

    Author: Qanfetkimi_oglan
  2. 24.12.2013 at 19:24:15


    Eliminate the cotton when he found out.

    Author: DeserT_eagLe
  3. 24.12.2013 at 19:28:57


    How food is not genuinely necessary.

    Author: Keremcem
  4. 24.12.2013 at 22:19:22


    Require to create your person per day, and it is advisable.

    Author: dinamshica