hy is it that most data processing departments do not have a disaster recovery plan? It’s probably for the same reasons you don’t. Some typical excuses I have heard working in the industry include: “Not enough time”, “Downsizing”, “My resumé is off-site”, “It will never happen to me.”, and It’s not in this year’s budget.” Any of these sound familiar? If you have used any one or even all of these excuses and still don’t have a disaster recovery plan, then you are not alone. There is a great amount of creative energy spent formulating excuses instead of creating a plan.
The need for disaster recovery planning is being recognized by more and more of today’s businesses. Disasters do occur. Every organization is at risk to some degree. Your building could be damaged by a fire, flood, or explosion. Even a prolonged power outage, sabotaged computer system or destroyed equipment can shut your organization down. If any of these events happen, your organization may be unable able to continue operating. Most businesses depend heavily on computers and automated systems. If the interruption is for a prolonged period of time, the ability of your business to survive may be threatened. The survival of a business is in question when that business does not have a current, documented and implemented recovery strategy. Insurance can help fund the recovery but it cannot service or replace your valued customers.
An American university study concluded that 83% of businesses that lost their data centre for 10 days or more filed for bankruptcy within 1 year. Of those businesses, 50% filed for bankruptcy immediately. These businesses learned a valuable lesson. Why take a risk with your computer centre.
Disaster recovery planning can be defined as planning to ensure continued availability of essential services. Disaster recovery planning prepares an organization to respond to an interruption of essential business functions and provides the guidelines to fully recover these services. A proper disaster recovery plan ensures the availability of necessary resources including personnel, information, equipment, financial arrangements, services and accommodations. A disaster recovery plan is no good unless it is realistic, current, tested and is well known by those who must implement it. Disaster recovery planning is an integral part of any effective business strategy. When a disaster strikes, the last thing you need to do is waste valuable time fumbling through an inadequate recovery plan, if one exists, or learning new system procedures.
A good disaster recovery plan ensures business survival during a prolonged interruption of computing services. A proper disaster recovery plan is like a good insurance policy, it will be effective if all of the risks are carefully and realistically assessed. Do not write a plan to satisfy an auditor’s request to only have it sit on the top shelf of the office store room.
Effective documentation and procedures are extremely important in a disaster recovery plan. Most plans are difficult to use and become outdated quickly. Poorly written procedures can be extremely frustrating, thus making the plan ineffective. A worst case scenario should be the basis for developing the plan. The worst case scenario can be the destruction of the main office housing the computer room.
Developing a plan requires the planner to think logically. The following are basic steps used in planning for contingency of a computer or building disaster:
The steps illustrated are an important step forward to a successful implementation of a recovery plan. Disaster recovery planning involves more than off-site storage or alternate processing. The plan should be thoroughly developed, including all detailed procedures to be used before, during and after a disaster. The procedures should allow for a regular review of the disaster recovery plan by key personnel within the organization. Top management should review and approve the disaster recovery plan. Disaster recovery planning dollars are best allocated toward testing a plan, automating plan maintenance and applying an experienced consultant’s perspective to focus your personnel on quality disaster planning.