Business Continuity and Disaster Recovery Planning Definition and Solutions

Business Continuity and Disaster Recovery Planning topics covering definition, objectives, systems and solutions.

PAGE 4

What’s the difference between disaster recovery and business continuity planning?
What does a disaster recovery and business continuity plan include?
How do I get started?
Is it really necessary to disrupt business by testing the plan?
What kinds of things have companies discovered when testing a plan?
What are the top mistakes that companies make in disaster recovery?
I still have a binder with our Y2K plan. Will that work?
Can we outsource our contingency measures?
How can I sell this business continuity planning to other executives?
How do I make sure the plans aren’t overkill for my company?
Related articles from CSO magazine

What advice would you give to security executives who need to convince their CEO or board of the need for disaster recovery plans and capabilities? What arguments are most effective with an executive audience?

Hager advises chief security officers to address the need for disaster recovery through analysis and documentation of the potential financial losses. Work with your legal and financial departments to document the total losses per day that your company would face if you were not capable of quick recovery. By thoroughly reviewing your business continuance and disaster recovery plans, you can identify the gaps that may lead to a successful recovery. Remember: Disaster recovery and business continuance are nothing more than risk avoidance. Senior managers understand more clearly when you can demonstrate how much risk they are taking."

Hager also says that smaller companies have more (and cheaper) options for disaster recovery than bigger ones. For example, the data can be taken home at night. That's certainly a low-cost way to do offsite backup.

Some of this sounds like overkill for my company. Isn't it a bit much?

The elaborate machinations that USAA goes through in developing and testing its contingency plans might strike the average CSO (or CEO, anyway) as being over the top. And for some businesses, that's absolutely true. After all, HazMat training and an evacuation plan for 20,000 employees is not a necessity for every company.

Like many security issues, continuity planning comes down to basic risk management: How much risk can your company tolerate, and how much is it willing to spend to mitigate various risks?

In planning for the unexpected, companies have to weigh the risk versus the cost of creating such a contingency plan. That's a trade-off that Pete Hugdahl, USAA's assistant vice president of security, frequently confronts. "It gets really difficult when the cost factor comes into play," he says. "Are we going to spend $100,000 to fence in the property? How do we know if it's worth it?"

And-make no mistake-there is no absolute answer. Whether you spend the money or accept the risk is an executive decision, and it should be an informed decision. Half-hearted disaster recovery planning (in light of the 2005 hurricane season, 9/11, the Northeast blackout of 2003, and so on) is a failure to perform due diligence.

This document was compiled from articles published in CSOand CIO magazines. Contributing writers include Scott Berinato, Kathleen Carr, Daintry Duffy, Michael Goldberg, and Sarah Scalet. Send feedback to CSO Executive Editor Derek Slater at dslater@cxo.com.

Further Reading

More in-depth case studies in disaster recovery and business continuity planning:

Podcast: Anticipating Avian Flu

Restarting the US’s Oil Engines
How can the oil and gas industry recover from a disaster as big as Katrina? With good planning, says Bobby Gillham, former CSO of ConocoPhillips.

Write People into the Plot
Business continuity plans only work if they take employee needs into account.

Interview: The Optimistic Pessimist
Mike Hager escaped from the World Trade Center and got OppenheimerFunds up and running again in less than five hours. Now he faces another challenge: keeping America interested in business continuity planning.

Lessons from a Disaster
Short and sweet, 10 things one practitioner learned after downtime caused by Nimda.

USAA: Practice Makes Perfect
As one of the nation's largest insurance companies, USAA is in the business of managing risk. So it makes sense that-when faced with a disaster-the company knows how to respond.

CareGroup: All Systems Down (from CIO)
 Lessons learned from a major information systems outage.

Wall Street: Staying Power (from CIO)
In the weeks and months after 9/11, three CIOs working next door to the World Trade Center found they had to be strong leaders to get their companies back online. Now back in the city, they don't make business continuity plans. They live them.

Kodak: Weathering the Storm (from CIO Magazine)
 Kodak's business continuity program addresses weather concerns and other threats.

security
Loading...
 
SPONSORED LINKS
 

Making Consumer Two-Factor Authentication Simple and Cost-Effective

Mining the Cloud to Ease the Enterprise Compliance Burden

Solve Five Key IT Security Challenges with Cloud-Based Authentication

White Paper: Managed Security for a Not-So-Secure World

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game using iovation

White Paper: A Security Blueprint Delivered From within the Network

Return on Information: Google Enterprise Search pays you back

ROI of Application Delivery Controllers

Webcast: Unleashing the Power of Customer Data

Disciplined Autonomy: Resolving the Tension Between Flexibility and Control

Enterprise Capture: Your Onramp to Business Process Automation

Cloud Computing--What is its Potential Value for Your Company?

Seven Design Requirements for Web 2.0 Threat Protection

Adobe® LiveCycle® solutions for business process automation

10 Ways Excel Drives More Value from Your SAP Investment

The Key to Proving and Improving the Value of IT to the Company

Unleash the Power of Java with Oracle JRockit Real Time

Taking the Service Desk to the Next Level

Return on Information: Google Enterprise Search pays you back. Get the facts.

VMware. The source for Business Infrastructure Virtualization.

ShoreTel tells businesses to untangle from competitors' complexity and turn to its brilliantly simple UC solution

See how AT&T can help protect your network.

Streamline IT Costs. Boost Performance with WAN Optimization.

Build your 1st app FREE with Force.com

Authentication as a Service by Forrester Research

Cloud-Based Authentication for Next-Generation Extranets

Mobile Security: The Essential Ingredient for Today's Enterprise

IDC White Paper: CCM for IT Compliance and Risk Management

Keeping Your Members Safe from Online Scams and Predators

Learn about the growing threat of insider data theft.

Upgrading to VMware vSphere with vWire

Maximizing website Return on Information with high-quality search

Gartner Magic Quadrant, Application Delivery Controllers 2009

Learn How Web Site Performance Impacts Shopper Behavior

Build a Foundation for Unified Communications

Removing the Barriers to IT Governance: How On-Demand Software Changes the Game

Should Your Email Live In The Cloud? A Comparative Cost Analysis

How Consumerization of IT Will Make Your Business More Productive

How does a software company save big with Green IT?

Translate business strategy into IT strategy and obtain maximum benefits.

eBook: How Can You Make Your People Productive Anywhere?

Mind the Talent Gap: Global Survey on IT and HR trends and challenges

"Enterprise-Proven" is the Prerequisite for Enterprise SaaS Portal Solutions

AT&T Synaptic Storage as a Service. Expand on demand

Trend Micro ranked #1 against real-world malware. Read more.

Webinar: Jump-start your in-house e-discovery with Ringtail QuickCull from FTI Technology

Top Five CIO Challenges

Read the RSA report: Security for Business Innovation

64-page prescriptive guide to security, compliance, and IT operations.

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords