SmartAdvice: Planning Ahead Means A Disaster Needn't Wipe Out Your Business - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:08 PM

SmartAdvice: Planning Ahead Means A Disaster Needn't Wipe Out Your Business

Planning ensures a business will have in place a road map and people to give direction, The Advisory Council says. Also, managers have to work on 'soft skills' to get ahead.

Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers two questions of core interest to you, ranging from career advice to enterprise strategies to how to deal with vendors. Submit questions directly to [email protected]

Question A: What should be included in a "state of the art" business-continuity plan?

Our advice: A comprehensive business-continuity plan must enable you to survive as a legal and financial entity in case of disaster. To do this, the plan must address all of the key assets that are necessary to continue operations -- people, process, information, and facilities, as well as technology.

At the executive level, lines of succession should be included in your corporate charter and board of directors meeting minutes, so that there's no question about who is empowered to make what decisions.

Related Links

SmartAdvice: Disaster Recovery Plans

In the case of major disasters, you should have access to a detailed organization chart with job descriptions for every position. This should be accompanied by an employee file containing training levels and certifications for each employee. Should some personnel be unable to perform their tasks after an event, this can be used to fill key positions quickly. Businesses can use an in-house or outsourced call center to notify employees of immediate and ongoing status.

Finally, plans should include training and drills in the continuity plan itself.

All business processes should be documented. Should the need arise to train new employees, well-written processes will accelerate that training. If it should become necessary to outsource an operation while you're rebuilding your infrastructure, the processes can be used to train outsourced staff as well.

Much of the corporate information required to maintain the enterprise as a legal and financial entity is still paper based, requiring appropriate document-image backup technologies. If you have questions about the documents that may be vital to your recovery, you should discuss them with your corporate counsel or law department. This typical Records Retention Schedule [] can be used as a starting point.

Computerized information generally protected includes customer and supplier databases, bills of material, financial databases, and human-resource databases. But key information some manufacturing companies forget includes engineering drawings, product specifications, and equipment specifications and settings.

The business-continuity plans of many enterprises deal with physical facility protection as just that -- protection. A state-of-the-art plan, however, should include having agreements in place for occupying other locations from which business can be conducted for an extended period of time.

Most businesses have plans in place to back-up essential data. And most, if not all, have installed firewalls to prevent unauthorized access to their systems. But recognizing the vulnerability of data centers to physical damage, businesses should establish relationships with outsourcers that provide disaster-recovery hot sites.

Backup facilities should be on different power and communications grids than your data center. To protect your day-to-day operations, you also should have redundant network connections, through different service providers. Authorized employees should have access through a virtual private network not only to E-mail, but to business applications.

A final word: Having any plan is better than having no plan at all. But no matter how simple or complex your plan may be, test it. That's the only way you will know if it meets your needs.

--Ron Bleiberg

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
What's Next: AI and Data Trends for 2020 and Beyond
Jessica Davis, Senior Editor, Enterprise Apps,  12/30/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Flash Poll