Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
service
Impressum
Datenschutz
Haftungsausschluss
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
UniCOS
Pork (software)
LDAP Data Interchange...
IBM 3480 Family
Compact Disc plus...
2015, Inc.
Ad filtering
recommendation
Freenet DSL
Who's Online
10 user(s) are online (8 user(s) are browsing encyclopedia)

Members: 0
Guests: 10

more...
partner

Disaster Recovery Plan

= Disasters & Information Technology =

As information technology systems, networks, and organizations become complex, disaster recovery becomes more essential to the continuity of companies worldwide. The more complex an organization is, the more financial loss it can incur in the event of a disaster. Although some companies can spend up to 25% of its information technology budget on disaster recovery, it is a worthwhile cost to minimize the downtime and reduce potential losses.

= Disaster Recovery Plans =

A practical disaster recovery plan is one that is proactive, well planned, and most importantly, in place and well tested before a disaster strikes (Robbins Gioia LLC, Preparing for the Worst: A Best-Practices Guide to Disaster Recovery, p. 1).

Organizations should develop written, comprehensive disaster recovery plans that assess all the critical operations and functions of the business. In addition, they should include documented and tested procedures, which, if followed, will ensure the ongoing availability of critical resources and continuity of operations. Even though the probability of a disaster occurring in an organization is highly uncertain, a disaster plan provides a certain level of comfort assuring that if a major catastrophe occurs, financial liability will be limited.

A disaster recovery plan (DRP), is sometimes referred to as a business continuity plan (BCP) or business process contingency plan (BPCP). The plan should outline in detail how a company or organization is to deal with potential disasters, whether naturally occurring or man made. The plan provides ways for a company to prepare for a disaster in order to minimize its effects. It also outlines post disaster actions to ensure the organization can resume operations as soon as possible.

A disaster recovery plan should take into consideration of customers, facilities and knowledge workers, business information, computer equipment, and communications infrastructure. The following addresses the above factors in greater detail.

Customers: Include both end consumers and B2B suppliers and customers. These stakeholders will be reassured if they are involved in the disaster planning process in order for them to plan accordingly.

Facilities: Companies can have more than one site for the company. In case of a physical disaster, the company can be quickly relocated to another site that is also attached to its server so business processes can be quickly resumed.

Types of Facilities:

Hot: Almost a duplicate of the original facility, fully equipped and ready for use immediately after the disaster. Only the people resources need to be moved to start operations.

Warm: Contain most of the features of the mother facility, but without the most relevant technology available.

Cold: A mock site or space allocated for the company to momentarily stabilize itself after a disaster. No equipments though are installed.

Knowledge workers: Train workers and provide them with the information and personal care so they have the necessary knowledge to function during and post disaster.

Business Information: All business information should be backed up regularly. Some companies perform this daily; some even do it on an hourly basis. This ensures the most up-to-date information is available as soon as the disaster passes.

Computer Equipment: Large companies have a myriad of different software and operating platforms. Organizational costs for this level of complexity is quite high, however the benefits of being prepared for disaster will greatly outweigh the costs.

Telecommunication infrastructure: This relates to how a company communicates with its external and internal partners. It is important to have a backup telecommunications carrier and portable handheld devices, i.e. blackberries. (The above section is adapted from: Cummings, Donavan, Haag, McCubbrey, Pinsonneault, Management Information Systems: For the Information Age, McGraw-Hill Ryerson. Toronto: 2004)

= Steps in Developing Disaster Recovery Plans =

1. Obtain support from management & establish a planning committee

Top management must support and be involved in the development of the disaster recovery planning process. They should be taking the lead for coordinating the recovery plan and updating it as conditions change. A planning committee should be established to oversee the plan development and appoint employees from various departments to carry out the plan.

2. Gather requisite documents and information

Having access to the necessary information is a pre-requisite to a workable plan. The expedite the exercise, ensure that these are readily available to the planning team [http://www.disaster-recovery-guide.com/doclist.htm 1].

3. Perform a risk assessment

The company must establish a guideline of what constitutes a harmful loss of data. This is accomplished considering the impact of losing data. For example, in the event of a system mal-function, a company that is client based will suffer substantial loss as client information is an essential part of its daily business activities.

A risk analysis can be completed by the planning committee by assessing possible disasters, such as natural, technical and human disasters. Each functional area of the organization should be analyzed to determine the potential consequence and impact associated with several disaster scenarios. The risk assessment process should also evaluate the safety of critical documents and vital records (Wold, G., Disaster Recovery Planning Process).

4. Establish priorities

Next the company should consider the loss of ACCESS to the database itself. What will be consequences of your end users not being able to access information for a period time after a disaster For example, loss of data in an airline will result in mass confusion regarding the arrival and departure of individuals on board planes. Answering such questions will assist firms in determining priorities in the operations and what the disaster recovery plan should focus on.

Areas of consideration can include and not limited to:

Key operation functions

Personnel

Information processing

Service

Documentation and record keeping

Policies and procedures

5. Determine Recovery Strategies

After the organization has concluded what is a harmful loss and the consequences of the inability of accessing certain information, it can then begin to develop a backup strategy.

Alternatives recovery strategies may include a combination of the following:

Hot, warm, and/or cold sites

Reciprocal agreements

data and service centres

Multiple computers

Consortium arrangement

Vendor supplied equipment

(Chapple, M., SQL Server Disaster Recovery)

6. Perform Data Collection

The recommended data gathering materials and documentation that all organizations should consider include:

Backup position listing

Communications Inventory

Distribution register

Documentation inventory

software, equipment and hardware inventory

Forms inventory

Insurance Policy inventory

Master call list

Master vendor list

Notification checklist

General supplies inventory

Off-site storage location inventory

Telephone inventory

7. Organize and document a written plan

At this stage, a detailed outline of the contents should be prepared for the review and approval of top management. The benefits of this doing so are that it:

Helps to organize the detailed procedures

Identifies all major steps before the writing begins

Identifies redundant procedures that only need to be written once

Provides a road map for developing the procedures

Ensure consistency in writing styles

The written plan should be composed of the following:

Immediate response after a destructive event

Evacuation of facility and notification to emergency services

Notification sequence for team leaders and backups

Establishing a temporary Business Recovery Command Center

Preliminary and detailed damage assessment

Recall of vital records from off site storage

Handling legal, financial and insurance issues

Dealing with the news media to mitigate misinformation

Locating interim facilities to restart your business

Recovery of PCs, LANs and Mid-range systems

Establishing voice and data communication

Addressing human resource and accounts payable/receivable issues

Replacement of equipment, furniture and supplies

Notification to clients, customers, suppliers and stock holders

Restarting your business

Reconstruction of the damaged or destroyed facility

8. Testing the Plan

An initial test of the plan should be performed by conducting a structured walk-through. Any glitches can then be resolved and further improvements can be made as appropriate.

9. Approve the plan

At the last stage, management should approve the plan and agree to implement in the organizations and accommodate for future improvements to the plan as changes occur.

(Adapted from: Steps in Recovery Process, at http://www.drj.com/new2dr/w2_002.htm)

= References: =

Chapple, M., SQL Server Disaster Recovery, http://databases.about.com/od/sqlserver/a/disaster.htm, Retrieved on March 19, 2005.

Cummings, Donavan, Haag, McCubbrey, Pinsonneault, Management Information Systems: For the Information Age, McGraw-Hill Ryerson, 2004 http://www.gcn.com/Resource/disaster.pdf, Retrieved on March 19, 2005.

Disaster recovery plan reference list: http://www.disaster-recovery-guide.com/doclist.htm

Robbins Gioia LLC, Preparing for the Worst: A Best-Practices Guide to Disaster Recovery, Sterling Network Services, http://www.sterlingnetwork.com/

Wold, G., Disaster Recovery Planning Process, http://www.drj.com/new2dr/w2_002.htm, Retrieved on March 19, 2005.

= External links =

Disaster planning website: http://www.brproactive.com/

Disaster recovery guide: http://www.disaster-recovery-guide.com

Background Information: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci752089,00.html