ATIBA | BUSINESS CONTINUITY SERVICES

WHAT IS (BCP) BUSINESS CONTINUITY PLANNING?
Business continuity planning is the process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue with planned levels of interruption or essential change. It is a plan that ensures that essential functions can continue after a disaster.

Business continuity plans (also know as Business Continuance Plans) can be considered the 'all-encompassing corporate plan' that describes the processes and procedures that an organization puts in place to ensure all aspects of the business can resume and be recovered should a disruption occur. It covers more than just computer systems and data at a few physical sites - it addresses critical areas such as employee safety and availability after a disaster, relocation plans, as well as technology and communication systems.

Business Continuity Plans include, or are composed of, several components (or individual plans):

(DR) Disaster Recovery Plan - identifies the activities and programs designed to return the entity to an acceptable condition. It includes addressing how employees are protected, it identifies what the critical business functions are and how they will be protected, it describes how your data will be saved and recovered, and it frequently calculates the cost of down-time. It enables an organization to respond to an interruption in services by implementing a disaster recovery plan to restore an organization's critical business functions.

(BRP) Business Resumption or Business Recovery Plan - specifies the means of recovering and maintaining essential business functions at an alternate, contingency site/location.

(CP) IT Contingency Plan - a plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. A contingency plan may use any number of resources including workaround procedures, an alternate work area, a reciprocal agreement, or replacement resources.

THE NEED FOR BUSINESS CONTINUITY PLANNING
Disasters over the past few years such as 9/11 and Hurricane Katrina have brought to the forefront the critical need every organization has to protect its business, infrastructure, people, and operations. Hurricanes, tornados, floods, malicious acts, or simple mistakes - every business is susceptible to some form of outage or disaster. And, no business can simply afford to be 'down' for weeks, days, or even hours without suffering pain and financial loss.

Statistics show some staggering results when the need to plan for disaster is not realized and implemented. By implementing a few short and long term solutions, you can help to keep your business from being one of these statistics....

GETTING STARTED
The biggest hurdle many businesses face when it comes to implementing a business continuity plan is simply getting started. Breaking things down into less formidable steps can simplify the process to get it completed more efficiently.

The most important resource for any business to consider is its people. Property can be replaced, people cannot. Be sure you have a viable evacuation plan to ensure the safety of all employees before you start anything else.

Other Business Continuity Considerations

1. Understand what keeps your business going. Identify those systems and resources that are absolutely critical to run the business and focus on protecting those first.
2. Get the data out of the building. This is the quickest and easiest way to help insure that the business can be recovered should it suffer a loss or outage.
3. Calculate the cost of downtime. This will help in setting priorities as to which areas of the business get protected and to what levels.
4. Think beyond tape. While tape is probably the most common method for protecting and recovering data, it may not be appropriate or sufficient for all your applications.
5. Continue to build and test the plan - continuously! Be sure that your plan accounts for the various type of outages that could affect each business location, including a simple disk or hardware failure, a building outage, a regional power failure, environmental disasters, and natural disasters such as hurricanes and earthquakes.

The key is to remember that while the complete business continuity plan can get a bit overwhelming, there are interim steps that can be taken to implement a solid disaster recovery (DR) plan for protecting your business from data loss and application downtime. Do not wait for the corporate business continuity plan to be completed before instituting a solid DR plan, develop them in parallel. The DR plan is just one piece of the overall business continuity plan.