Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
ABC: An Introduction to Business Continuity and Disaster Recovery Planning
Good business continuity plans will keep your company up and running. This primer helps make sure you've covered all the bases.
PAGE 4
What’s the difference between disaster recovery and business continuity planning?
What does a disaster recovery and business continuity plan include?
How do I get started?
Is it really necessary to disrupt business by testing the plan?
What kinds of things have companies discovered when testing a plan?
What are the top mistakes that companies make in disaster recovery?
I still have a binder with our Y2K plan. Will that work?
Can we outsource our contingency measures?
How can I sell this business continuity planning to other executives?
How do I make sure the plans aren’t overkill for my company?
Related articles from CSO magazine
What advice would you give to security executives who need to convince their CEO or board of the need for disaster recovery plans and capabilities? What arguments are most effective with an executive audience?
Hager advises chief security officers to address the need for disaster recovery through analysis and documentation of the potential financial losses. Work with your legal and financial departments to document the total losses per day that your company would face if you were not capable of quick recovery. By thoroughly reviewing your business continuance and disaster recovery plans, you can identify the gaps that may lead to a successful recovery. Remember: Disaster recovery and business continuance are nothing more than risk avoidance. Senior managers understand more clearly when you can demonstrate how much risk they are taking."
Hager also says that smaller companies have more (and cheaper) options for disaster recovery than bigger ones. For example, the data can be taken home at night. That's certainly a low-cost way to do offsite backup.
Some of this sounds like overkill for my company. Isn't it a bit much?
The elaborate machinations that USAA goes through in developing and testing its contingency plans might strike the average CSO (or CEO, anyway) as being over the top. And for some businesses, that's absolutely true. After all, HazMat training and an evacuation plan for 20,000 employees is not a necessity for every company.
Like many security issues, continuity planning comes down to basic risk management: How much risk can your company tolerate, and how much is it willing to spend to mitigate various risks?
In planning for the unexpected, companies have to weigh the risk versus the cost of creating such a contingency plan. That's a trade-off that Pete Hugdahl, USAA's assistant vice president of security, frequently confronts. "It gets really difficult when the cost factor comes into play," he says. "Are we going to spend $100,000 to fence in the property? How do we know if it's worth it?"
And-make no mistake-there is no absolute answer. Whether you spend the money or accept the risk is an executive decision, and it should be an informed decision. Half-hearted disaster recovery planning (in light of the 2005 hurricane season, 9/11, the Northeast blackout of 2003, and so on) is a failure to perform due diligence.
This document was compiled from articles published in CSOand CIO magazines. Contributing writers include Scott Berinato, Kathleen Carr, Daintry Duffy, Michael Goldberg, and Sarah Scalet. Send feedback to CSO Executive Editor Derek Slater at dslater@cxo.com.
Further Reading
More in-depth case studies in disaster recovery and business continuity planning:
Podcast: Anticipating Avian Flu
Restarting the US’s Oil Engines
How can the oil and gas industry recover from a disaster as big as Katrina? With good planning, says Bobby Gillham, former CSO of ConocoPhillips.
Write People into the Plot
Business continuity plans only work if they take employee needs into account.
Interview: The Optimistic Pessimist
Mike Hager escaped from the World Trade Center and got OppenheimerFunds up and running again in less than five hours. Now he faces another challenge: keeping America interested in business continuity planning.
Lessons from a Disaster
Short and sweet, 10 things one practitioner learned after downtime caused by Nimda.
USAA: Practice Makes Perfect
As one of the nation's largest insurance companies, USAA is in the business of managing risk. So it makes sense that-when faced with a disaster-the company knows how to respond.
CareGroup: All Systems Down (from CIO)
Lessons learned from a major information systems outage.
Wall Street: Staying Power (from CIO)
In the weeks and months after 9/11, three CIOs working next door to the World Trade Center found they had to be strong leaders to get their companies back online. Now back in the city, they don't make business continuity plans. They live them.
Kodak: Weathering the Storm (from CIO Magazine)
Kodak's business continuity program addresses weather concerns and other threats.
Fulfilling Remote Access Strategies by Transforming the Internet into a Business-Grade Application Delivery Platform
Network Security Services: Outsourcing considerations for maximizing network protection
The CIO's Guide to Mobile Security: Executive Overview and Checklist
Security Features of the BlackBerry Solution
Matching the BlackBerry with a Corporate PBX
BlackBerry Enterprise Solution
What's Next? Real Answers for Tough Times
A crystal ball won't provide the answers you need.
Paving the Way for Trusted Collaboration
Gartner on Data Deduplication Cost Savings
Storage Virtualization: It's Not One Size Fits All!
The Power of Telepresence
Get a grip on your mobile workforce Webcast
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Judgment Favors Novell in Ongoing SCO Case
Spyware Case Finally Closed for Teacher Julie Amero
SAP to Bring Unified Interface Across Apps Suite
Symantec Sees Spike in Dangerous Microsoft Attacks
Palm Lays Off Workers
U.S. Needs More Broadband Competition, Expert Says
Microsoft to Launch IE8 in First Half of '09
VMware Security Chief Leaves to Run OpenDNS
Confidential Customer Details Exposed on Qantas Site
'Vista Capable' Lawyers Want Ballmer to Testify
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
