Introduction
Today, recovering a business from a disaster is a common phenomenon. For many years, it has been a long and risky procedure for the overall business practice unless one used the business continuity arrangements to get extra information for carrying on the disaster recovery process. According to Helies (150), sections of business continuity plan have basis upon exposure, economical ability and availability of resources.
The new trend most companies are adopting entails outsourcing the disaster recovery teams. This is an optimal procedure but economically impossible. It is important for a business to have some backup procedures of storing information and other important assets. This is the reason businesses are considering the standard procedure of incorporating the continuity plans or disaster recovery plans as necessary tools for backing-up management procedures and allowing business policies, which authorize a firms’ compliance.
Effective business continuity plan entails management sponsorship and, compliance with polices and procedures. The process is mainly dependent of corporate senior management in a firm. The complexity of businesses as highlighted by the human errors involves compliance measures to determine the critical need for the firm and the vulnerability to malfunctions, which the business services are susceptible Helies (150).
Business continuity plan focuses upon impact and risk analysis of a business. The planner must identify the mission critical to the business services in the aim of recovering them in the event of failure. This means that continuity planning in business is a direct contribution to business’s disaster recovery plan. The business continuity plan therefore requires support from all the firm’s departments where incorporation of policies occurs as part of standard operating procedures, to measure the competencies of these functional areas.
Components of the BCP
Business Continuity Planning (BCP) output is an impetus for implementation of disaster recovery plans therefore the main inputs for the business planning process entails the human resources, the ICT and networking infrastructure, physical components such as furniture and, the backup systems. The planning procedure is a life-cycle process of identifying, defining, implementing, testing, maintaining and, revalidating the critical business processes and technological components of the business infrastructure.
The planning process can take various dimensions but eventually have to identify all the operational attributes of a critical business service. To include the components the procedure entails identification of the key business services, documentation of service inter-dependencies, specification of the recovery plan, implementation of solutions, testing and validation, routine maintenance and, eventually evolution change management Haag and Cummings (24).
Planning involves analysis of potential threats in a business. The response depends on nature and impact of the disaster. Some catastrophic threats such as floods cause physical damages to the business infrastructure. Pandemics such as communicable diseases affect human resources while leaving the infrastructure intact.
Cyber terror attacks may affect the business network without causing physical damages or affecting the human resource. A bomb attack can cause damages to all the business attributes. Lastly, power breakdown renders the equipments inoperative, and this is not a lasting damage. In line with Haag and Cummings (27), the business continuity plan therefore must cover all these contingencies according to the type through analysis of the impact.
Analysis in the business continuity planning process calls for the assessment of treats or occurrences at various levels. The plan should describe the areas of responsibility during a crisis management situation for the management. During crisis, it is not the time to indicate the responsibilities or assign duties.
Each key personnel should be aware of their duties and performance requirements without squabbling about the decision-making. It is important to have plans that include alternative plans to cover those key persons who may be absent. Personnel’s training is also a key factor for disaster analysis, preparedness, incident administration and, recovery.
The implementation process involves activities required for installation, configuration and readiness of recovery solution for direct by-products Haag and Cummings (31).This include the procedure of vetting necessary processes and solutions to ensure the firm is in a position of recovering the critical business missions and services, within a specified recovery time-frame, recovery objective and, within associable costs.
Testing, validation and maintenance are tasks associated with disaster recovery. Testing involves measuring of services to ensure readiness and full functionality. Incorporation of these activities ensures that the business change administration processes remains acquiescent to the business continuity planning procedures.
Routine maintenance involves validation of compliance with respect to the planning process and all the update information or activities involved. The system life cycle requires continuous management, review, and, updating with all the existing and newly revealed services for conclusive plan. This means that measurement of the tests results ensure full compliance and readiness of services for full disaster recovery.
Routine maintenance is equally important since it involves incorporation of manufacturer’s recommendations (Helies, 154). It also entails remediation of software defects, incorporating changes involving operations and, enhancement of other proprietary applications.
Routine maintenance ensures the business continuity plan remains up to date on activities that are necessary in keeping the disaster recovery solutions current and operational at all times. It is important for the Business Continuity Planning process to include a recovery phase for reinstating the operations through damages assessment, recovery cost estimation, compensations and, monitoring the recovery progress.
Works Cited
Haag, Stephen, & Cummings, Maeve. Management Information Systems (for the
Information age) McGraw-Hill Irwin, 2008
Helies, Andrew. The Definitive Handbook of Business Continuity Management. (Second Ed). John Wiley and Sons publishers. 2007