WHAT TO PROTECT AGAINST?
Avoidance, Recovery, Continuity
Businesses can be interrupted by events as simple as a network outage, or as devastating as a tornado, fire, or even an act of terrorism. The most appropriate step you can take to reduce the impact of a disaster is to first realize that it could happen to your business.
Let’s make sure we’re all on the same page, definition-wise.
Disaster Recovery (DR) describes the strategy an organization employs to deal with potential technology disasters so that the effects will be minimized and the organization will be able to either maintain or quickly resume its mission-critical functions. It follows then that Disaster Recovery Planning (DRP) needs to focus on the data, hardware and software critical for a business to restart operations that have been shut down by a disaster.
Disaster Avoidance, as the name implies, is the process of preventing or significantly reducing the probability that a disaster caused by humans, machines, or forces of nature will occur; or if such an event does occur that the effects upon the organization’s technology systems are minimized to the greatest extent possible.
Business Continuity (BC) procedures kick in as soon as a disaster is triggered. These procedures are a progression of preordained tasks, manual or autonomic, aimed at enabling an organization to continue serving its customers during and after a disaster. It precedes, and ideally minimizes or precludes, the recovery process.
Business Continuity Planning (BCP), explained below, is an excellent starting point for a business to focus because it yields valuable input that can be used to develop cost-effective Disaster Avoidance policies. The BCP process requires the business to identify its mission-critical operations and indispensable processes and data that are essential to keeping the business functioning as a disaster is occurring. Only by knowing the value of the processes and data you are protecting can you have a basis for effectively allocating dollars towards protecting them with Disaster Avoidance methodologies.
After the BCP has prioritized the key business processes, the next step is to identify the specific and significant threats that could disrupt normal operations. And, finally, devise mitigation strategies to ensure effective and efficient organizational response to the challenges these specific threats create during and after a crisis. While there are certainly overlapping features and objectives of these three strategies, it’s important to understand and benefit from the distinctions, because they are certainly not mutually exclusive.
Disaster Avoidance policies and procedures will minimize your exposure to certain disasters. Business Continuity Planning will maximize your ability to keep mission-critical processes working as a disaster unfolds or to resume as soon as possible afterwards. And, the main objective of a Disaster Recovery Plan is to bring operations back as quickly and seamlessly as possible after they have been interrupted by an event.