Home Page > Publications > Prevent Disaster Recovery Plans From Losing Priority In The Recession

Prevent Disaster Recovery Plans From Losing Priority In The Recession

Every business can experience a serious incident that can prevent it from continuing operations. This can range from a flood or fire to a serious computer security breach. The management of the organisation have a responsibility to recover from such incidents in the minimum amount of time, with minimum disruption and at minimum cost. This requires careful preparation and planning. In a tight economy, Disaster Recovery is being put on the back burner so how do you ensure that the CFO continues to support your IT disaster recovery plans?

Traditionally business continuity and disaster recovery (DR) planning have always been separated between the business and IT, and some argue that in order to have true business continuity in the 21st century one must also have strong IT DR Capability. There are not many businesses mid to large in the Northern Hemisphere that do not have some reliance on technology these days, imagine any FTSE 100 company not having email for just 2 days, everyone would be running around like headless chicken's, after all most businesses could not continue to operate successfully if their IT services were unavailable for a day or two. A disaster recovery plan is therefore put in place to help the business recover its IT Services in relation to the overall business continuity management plan. As defined by Continuity Central.com, "It has to be clear, concise, focus on the key activities required to recover the critical IT services, be tested, reviewed and updated on a regular basis, have an owner, and enable the recovery objectives to be met". After speaking to clients and suppliers here are some general recommendations for successful Disaster Recovery .

Writing and testing A disaster recovery plan is one of the key elements of business continuity management, so make it a business process that is supported by IT but owned by someone from the business. As quoted on SearchCio.com. "Of the 50% to 70% of organizations that develop disaster recovery plans, fewer than half actually test those plans. That is tantamount to having no plan at all." You will need to run physical onsite tests at least once a year and preferably once quarterly if you are able to do so remotely. If you have outsourced this process, ensure that in the SLA's there are clear measurable metrics for the provider to be measured against during testing.

Leadership Support & Buy-in Business continuity plan needs the right leader, and you need the right metrics to measure for the DR plans to get the right level of support. Get buy-in for your disaster recovery program by doing a risk assessment or a business impact analysis, that clearly demonstrates numbers that convey a strong message to the executives i.e. if website is down for 4 hours it is $450k of lost revenue, if telecommunications is down for half day it means our sales teams might lose $1MM in potential deals. You will have an even stronger case if you can talk about compliance with a regulatory law.

Disaster Recovery Value There are many new offerings that may cut the cost of your IT disaster recovery plan such as server virtualisation. Build a business case that show how disaster recovery savings can pay for business continuity planning. Lay out a five-year plan that shows improvement over time by, for example, taking additional risks out, or by better supporting a business need, or speeding the recovery time, or reducing error rates. Many DR contracts have been in place for a long time and are out of date on old uncompetitive rates. Disaster recovery, like any other business process, needs to show improvement, so bid out your need to at least 3 providers and see how competition can improve price.

Focus Only On Core Risk CIOs should focus on what they absolutely need to mitigate the core risk and, if necessary, defer the rest to keep costs down. So if you are running a data warehouse that has 3 servers for development, stage and production only have DR plans for the customer facing server to keep a lean operation where the CFO cannot reduce your costs anymore.

Invest & train people in your team to become DR experts Make sure DR is dependent on more than a few trained individuals. Have someone at each office location train someone else just in case that person is ill the day the incident occurs.

As quoted by Linda Tucci on SearchCIO "IT disaster recovery spending is never an easy sell, but a troubled economy has made the pitch even harder, forcing many companies to look for ways to trim back disaster recovery services without adding undue risk. CIOs and IT disaster recovery managers might have been focusing 18 months ago on often-expensive technologies to fill a gap in DR coverage. Now, they are more likely to focus on people and processes. Some are looking to wring more from existing assets by using distant corporate buildings for secondary or tertiary recovery sites. CIOs also are exploiting server virtualization to reduce floor space at their leased recovery sites, and they are boosting the resiliency of their internal IT infrastructures to minimize the impact of a disaster"

While working at GE we outsourced back office operations to India and one day the COO informed me that that the team in India was not able to access mainframes in France. After much analysis it became evident that the satellite link to Hydrabad was down. No one was able to process orders for days as the DR plans had not been fully tested. It became apparent that an Indian farmer had been digging in his garden and cut the fibre optic cable to the office with his spade, so even with the most thorough risk assessments and DR plans in place always be prepared for the unexpected. 

Quick Contact Form
Company Name
Contact Name *
Telephone Number *
Email Address *
Message