ICT availability: From disaster recovery to business resumption
Conclusion: The ICT Disaster Recovery Plan (DRP) is, more often than not, focused on technology providing for redundancy of infrastructure and systems, including data back-up and data recovery. Whilst these components are important and necessary, we often oversimplify the need for business resumption of the ICT business, which in turn will impact ICT availability. The need to ensure people are part of the planning is critical to success. Often the disaster, whether it be a technology issue, a business issue, such as a fire or denial of access to key sites, or an environmental issue such as a flood or storm, can equally affect the need for expanded operations centres and larger than normal help desk support functions.
Effective planning and testing of the plan, for all aspects of a probable disaster scenario and the ICT Business Resumption Plan (BRP) to support the business as a whole, is necessary. Effective testing of the DRP and BRP for ICT must be a high priority for any CIO to ensure service levels are maintained. Failure to do so will increase the risk of ICT to the business.
Any test of your DRP and ICT BRP should include business and customer involvement to provide your organisation confidence that all known risks have been successfully mitigated. The oversight of the testing of these plans must be planned and conducted by an independent body (preferably a consultancy that has knowledge in the organisation business world, or your ICT advisory service).