Disaster Recovery Journal

Enterprises need to have access to mission-critical data at all times. 
Yet having such a plan remains unfinished business for many companies, perhaps due in part to the challenges of distinguishing the differences between business continuity and disaster recovery. While disaster recovery primarily involves protecting IT infrastructure and data from disabling events after an equipment or site failure, business continuity targets a more comprehensive, business-focused approach for maintaining the availability of mission-critical applications and data in the face of any type of disruption. Therefore, a successful business continuity plan delivers more than the ability to restore or recover data; it improves the company’s financial performance by ensuring sustained workforce productivity and revenue generation.

It is equally important for an organization to devise both of these plans in conjunction as each, on their own, will not be able to provide the level of preparedness and protection today’s businesses demand to remain up and running under any conditions. Simply put, the two go hand in hand.

Not Your Typical Expectations
Major disasters such as hurricanes, fires, terrorist attacks, earthquakes, and tsunamis are not the only kinds of disasters that can cripple an organization. Executives sometimes overlook the often commonplace events such as cable cuts, power outages, computer viruses and equipment failures that can endanger a company’s business survival. Not being prepared can result in unfavorable consequences.

Most organizations cite downtime and its impact on revenue generation as the major drivers creating demand for a comprehensive business continuity strategy. Among the most tangible consequences of service downtime, besides the adverse effect on revenues, is the derailment of everyday business systems that help organizations operate productively. Reportedly, carmaker Subaru calculated that the company loses $20,000 an hour on wages alone when its inventory tracking system is down. This realization shows the high degree of direct impact that not having a business continuity strategy can have on a company’s bottom line.

While any interruption to revenue generation undeniably plays a major role in the need for business continuity, it is not the only factor that should be considered when analyzing the optimal business continuity approach. There are a variety of intangible costs that indirectly impact the bottom line, which all accelerate the growing demand for greater business resiliency.

The ‘Closed Loop’ Process
 Arguably, the most important aspect in preparing any business continuity plan is validating the combined technology and business processes to ensure they work together seamlessly. This requires the diligent testing of the documented plan under many different types of circumstances.

It is important to measure and validate test results relative to the plan’s original goals and priorities. The Business Continuity Institute suggests business continuity plans be tested fully at least once a year, yet research from Infoconomy revealed only one-third of companies surveyed do so. To improve these odds, organizations should implement a “closed loop” process for deploying and maintaining their business continuity strategies.

The “closed loop” process consists of the following steps:

• Strategy definition
• Plan execution
• Validation and measurement
• nvestment maintenance

Organizations that are the most successful take time to quantify their requirements and continuously measure results against specified goals.

Test and Evaluate and Test Again
If weaknesses are exposed after testing and evaluation, it is imperative that the testers react quickly to implement necessary changes in prioritized fashion, through taking careful, calculated steps that consider both technology requirements and business needs. Be sure to communicate testing results as well as any subsequent changes to the entire organization. Then test and test again with continuous reviews and enhancements as the organization grows or changes. Pay particular attention to fluctuating business conditions as well as the addition of new technologies and applications.

Business continuity and disaster recovery should be thought of not as a task to be completed but as a living and breathing exercise. For any exercise to be worthwhile requires dedication, unwavering consistency, and constant repetition. To create and maintain a business continuity plan that is a corporate must that necessitates a serious commitment of time and resources, making sure all systems and process analyses are performed and then remaining dedicated to supporting all the steps all along the way. Otherwise, the future of the business could be at stake.