Business Continuity Plan – Implementing and Testing
Now that you’ve reviewed your infrastructure’s Business Continuity requirements, you’ve also discussed your needs with your UniVista Account Manager and you’ve allocated your budget accordingly, it’s time to implement and test the plan.
The Scenario: Systems are down. Now what?
A key part to implementing and maintaining a Business Continuity Plan is documenting it. Provide a Master Plan or User’s Manual for when the inevitable strikes your organization. This will allow various members of your team to know how to proceed with the recovery. Create a comprehensive, easy to understand and, most importantly, easy to follow document. At a high level, you want your document to cover: Who, What, When, Where, Why & How.
WHO: Who will implement the plan? Identify your Recovery Team(s).
WHAT: What are your business’ Critical Functions. What infrastructure or service are they running on?
WHEN: When do you implement your recovery plan? How quickly after a loss is identified, do initiate the Disaster Recovery plan?
WHERE: Where does recovery happen and how do you connect to it? All your company’s efforts will be for nothing if no one can locate or access the recovery infrastructure!
WHY: Why are you initiating your Disaster Recovery plan? What acceptable loss factor has triggered the disaster flag?
Additionally, you will also need to identify how to access your plan in the event of a total loss of your data and email storage. For example, in the event of a fire or flood, keep multiple copies of your Business Continuity Plan printed with key employees or stored online in Microsoft SharePoint.
Keep your plan up to date. Schedule periodic reviews, both internally and with your UniVista Account Manager to ensure your plan remains viable and will work when you need it to. There’s nothing worse than trying to recover from a scenario with a poorly implemented or outdated plan.
Testing and why “Fire Drills” are important…
Your organization’s plan is documented, you have implemented backup solutions, now you must test your Disaster Recovery plan – essentially, run your “fire drill.” These “fire drills” are important to determine if you’ve covered everything and will help to identify where you may have weaknesses. Your initial Disaster Recovery test may uncover gaps in your plan which require attention. Work towards resolving those gaps, but more importantly: schedule your next test. Determine whether you’ll be testing quarterly, biennially, or annually. If you need help determining how often to run your test, please feel free to consult with your UniVista Account Manager.
Evaluate your testing experience…
Regularly testing your plan keeps you, along with key members of your team, familiar and ready for when disaster strikes. However, you will also need to review and evaluate the recovery plan on a recurring basis. Evaluate and review these questions; Is your list of Critical Functions up to date? Is their hierarchy of importance weighted the same as when the plan was initially documented? Have you added, removed, or changed a service or team that needs to be reflected in the plan?
Moving forward with a plan…
Now that we’ve discussed key elements of implementing and testing your Business Continuity and Disaster Recovery Plan, what questions do you have? Are you able to understand the process, but aren’t sure how to get started? Are you unsure if your business has an additional compliance element that requires a Disaster Recovery plan? Do you have an old Disaster Recovery plan that needs revisiting? Let your UniVista Account Manager know. We can answer questions and create a project that fits your specific disaster recovery needs.