15Secrets to Writing a Great Business Continuity Plan
Useful definitions
• What’s Business Continuity? Business Continuity or BC “describes the
processes and procedures an organization puts in place to ensure that essential functions can continue during and after a disaster”, either natural or man-made according to SearchStorage.com
• And a Disaster Recovery plan? A DR plan “consists of the precautions
taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions” according to SearchStorage.com
What threats?
• Fire• Theft• Fraud• Flood • Terrorist attack • Pandemics• Earthquake• Cyber attack• …and many more
• A disaster can hit your business at any time.
• You need a good DR plan.
• But writing and maintaining a good DR plan is hard.
• And most firms never get round to it
• Don’t wait until disaster strikes - start preparing today.
• To help you design a comprehensive DR plan, hSo have prepared 15 DOs & DONTs.
1Don’t Cover Everything
Write an easy-to-follow guide, for use in an emergency
DO
Write an encyclopaedia
DON’T
2Prioritise
Recovery Actions
Focus on restoring critical business functions
Understand which tasks/files/servers… are more important than others
DO
Try to instantly return EVERYTHING to normal after a disaster
DON’T
3Consult Others
Consult all departments to ensure some needs are not overlooked
Consult your suppliers
Talk to your customers
DO
Assume you know everything about your business/suppliers/customers
DON’T
4Assemble information BEFORE it is needed
Prepare NOW for the worst
DO
Wait for a crisis to look for information. You won’t have time to waste
A disaster may make inaccessible the information you need, just when you need it
most
DON’T
5Educate Your Staff
About the Plan
Make sure your staff know about your BC plan
Rehearse annually to train your staff
DO
Assume your staff know what to do
Make your BC plan unavailable to your employees – have paper copies of your plan
ready throughout your facilities & stored off-site
DON’T
6Document Business-
Critical Processes
Document your business processes – they are essential to your business and customers
DO
Rely on just one or two people to know the processes – they might not be here when the
disaster strikes
DON’T
7Plan for the Worst-Case
Scenario
Prepare for the worst case scenario aka total loss of assets
… and you’ll cover many lesser scenarios
DO
Leave anything out to chance
DON’T
8Remember Your Main Site May Be Completely Lost
Back up your electronic data off-site
Store a copy of irreplaceable documents off-site
DO
Store your backup on the same site as your servers
Think your main site is out of danger
DON’T
9Don’t Be a
Perfectionist
Aim to keep your business working
Remember that recovery is timely but need not be instantaneous
DO
Aim to get everything back to the way it was before the disaster right away
DON’T
10Update Your Plan
Regularly
Keep in mind your business evolves and your DR plan needs to evolve with it (staff changes, new
customers, growth, new contracts, new IT apps…)
Update it at least every quarter
DO
Write your plan and just forget about it
DON’T
11Use Clear
Visuals
Include photos, floor-plans, organisational diagrams, numbered lists, bullet points…
For example, add photos of major assets to the Asset Inventory, along with a floor-plan showing
where the assets are located.
DO
Make it complicated for everyone to know what you’re talking about when reading your BC plan
DON’T
12Remember
Indirect Effects
Remember that many risks can harm your business indirectly
For example, fire could stop your main supplier from providing the services you rely on
DO
Forget to talk to your major suppliers about their own DR plans
Forget to put together a list of alternative suppliers that meet your needs if your main suppliers can’t
deliver
DON’T
13Consider
Differing Severities
Consider the when/where/what/to what extent a disaster can strike
DO
Think the response to any disaster should always be the same
DON’T
14Consider
Opportunity Cost
Consider all costs, not just direct cash costs: lost opportunities/lost productivity/lost revenue/lost
customers/legal costs/etc.
DO
Underestimate these costs. Better to be safe than sorry
DON’T
15Ensure Each Site Has Its Own
BC Plan
Prepare a DR plan for each of your sites
Coordinate strategically to ensure consistency of standards
DO
Forget that risks vary from one site to another
Thus each location’s assets and data also vary
DON’T
Do you need help with your Business Continuity plan?
Contact us today for a chat:
+44 (0) 20 7847 [email protected]