The question is not “if”, but “when”. Disasters do not send an invitation before they arrive.
All businesses are vulnerable to some kind of disruption that will have a risk of downtime or delay in Business outcome resulting in financial, production or reputation impact. Disasters do not send invitation before they arrive, they just happen. Example is the recent floods in Chennai, a city in India, center for IT Outsourcing, resulted in service outages for many support centers that were setup for international organizations.
Organizations are under pressure to deliver their services to their clients/consumer as per demand or risk losing them to their competitors. Unavailability of services will not only have financial losses and penalties but also damage the organizations reputation and market value.
Though we cannot avoid disasters, we can prevent it from turning into tragedy.
- A comprehensive Business Continuity Plan must be in place to counter such losses.
- A plan consisting of a roadmap for the continuity and/or restoring business critical services during and after a disaster.
- IT Disaster recovery plan is part of the Business Continuity plan. The plan should identify the business critical services and the potential threats to those services.
- It should clearly define the owners and their responsibility towards these services.
- It will include an Incident response plan consisting of teams to action the responses as laid down in the plan.
- Communication is key in such situation. The plan should have a communication strategy highlighting different mediums of communication.