Disaster Recovery Journal

This post is part of our ongoing blog series on the critical subject areas as identified by the Business Continuity Planning Model. In this post we will discuss the fifth subject area: Emergency Response and Operations.

These subject areas are detailed and defined in the GAP document by 10 individual sub-committees of seasoned business continuity professionals from partner organizations (ARMA, DRII, FTSC, and NFPA) and members from the public and private sectors.

Cloud-based services mean instant, location-independent redundancy.

You have probably heard that important web services like Reddit, HootSuite, Quora, Foursquare etc. have recently suffered a quite lengthy outage – what you also probably know is that this outage was caused by Amazon Web Services (AWS), their cloud computing service provider. What you probably didn’t know is that AWS is ISO 27001 certified.

But isn’t ISO 27001 a guarantee against such service outages? Didn’t a certification company check the AWS? What’s the point of ISO 27001 if such things can happen?

Strange but true: moving to a data center could shrink your eco footprint

This post is part of our ongoing blog series on the critical subject areas as identified by the Business Continuity Planning Model. In this post we will discuss the fourth subject area: Developing Business Continuity Strategies.

These subject areas are detailed and defined in the GAP document by 10 individual sub-committees of seasoned business continuity professionals from partner organizations (ARMA, DRII, FSTC and NFPA) and members from the public and private sectors.

Cloud computing makes for easier recovery after any type of accident.

Crisis Response Planning Corporation (CRPC) as the leading authority on ICT based solutions for mass notification products and services; continues its analysis of reasons why so many organizations ultimately regret the selection of their notification service provider. The hidden danger or concern is that the time will come when you will rely on the availability and capability of your notification service provider and it, and therefore you, will fail in your efforts to minimize serious injuries or loss of life, the damaging impact to your organization’s image or reputation, or operational disruption throughout the organization.

There is a somewhat natural tendency to blame the external vendor(s) for all that goes wrong in an emergency response; after all, they are vulnerable and not in a really good ‘political’ position to launch a defence. We are quite certain that readers of Part 1 concluded that, yes, selecting the ‘wrong’ vendor and product could be disastrous, but much of what transpires is not only the fault of the vendor(s). Equally it is the fault of the ‘customer’ for selecting the ‘wrong’ vendor, most often due to poorly defined evaluation and selection criteria. Part 2 continues with that theme; there are things to watch out for when evaluating and selecting a vendor, but there is also much an organization can do to enhance the evaluation and selection process.

In this post we will be discussing the third subject area in the Business Continuity Planning Model. This subject area, Business Impact Analysis (BIA), is critical in any fully researched and thought out BC plan.

This blog post is part of our ongoing series that takes a subject area as identified by the Business Continuity Planning Model. In this post we will provide further details on how you can put these practices into operation in your business environment. The GAP document identifies BIA as being: “Identify the impacts resulting from disruptions and disaster scenarios that can affect the organization and techniques that can be used to quantify and qualify such impacts. Establish critical functions, recovery priorities, and interdependencies so that recovery time objective(s) and recovery point objective(s) can be set.”

Does it make sense to implement business continuity in smaller companies? Why would they need something as costly as this if the owner of the business has all the necessary information in his/her head?

Let me start with a story I heard recently – a small company (involved in the sales of various equipment to a large customer base) has been robbed – the thief broke into their office during the night and stole all the computers together with other valuable stuff. The problem is – the owner of this company backed up the data, but saved that backup on another computer in the same office. Very soon the company went bankrupt – they simply weren’t able to recover key information about their business.

This is part two of our post on Risk Evaluation and Control. Last week we discussed the first five steps of this second subject area in the Business Continuity Planning Model. DRI International developed the Business Continuity Planning Model, and we will be discussing each of the subject areas in this blog post series.

Each of the blog posts in this series takes a subject area as its central theme and provides further details on how you can put these practices into operation in your business environment. We will be referencing the Generally Accepted Practices (GAP) document developed by the DRJ Editorial Advisory Board (EAB) Generally Accepted Business Continuity Practices Committee and partner organizations (ARMA, DRII, FSTC and NFPA).