by CIO Staff

Disaster Recovery: Nasdaq’s Best Practices

Dec 01, 20012 mins

Nasdaq, whose 1 Liberty Plaza headquarters is next to the World Trade Center, has itemized lessons learned from the Sept. 11 terrorist attacks. For more details on these practices and on Nasdaq’s recovery, see

  • Have a disaster recovery and business continuity plan. Communicate it, rehearse it, keep it updated. A backup plan is not a disaster recovery plan.
  • Ensure a means of communication for decision making and dissemination of information both internally and externally. Consider all audiences: employees, family members, customers, supply chain partners, other companies in your industry, regulatory bodies, vendors, government entities and law enforcement.
  • Establish a process or principle for decision authority. Who is in charge at all times and how will you know?
  • Know in advance and coordinate with those you may need help from (government, law enforcement, utilities, fuel, transport, food, housing).
  • Design and test for resilience at a business level. Among other things, understand the worst possible case and plan flawlessly for the pragmatic case; cross-train personnel in alternate facilities for business recovery operations; provide physical sites for diverted staff; and build in vendor diversity.
  • Make sure to attend to creature comforts, including basics such as food, water, rest, shelter and heat, as well as stress and psychological relief.
  • Have a plan to get back to “normal” as soon as possible. This applies to both working conditions and business activities.
  • Communicate often. In a disaster, people crave information.