Business Continuity and Disaster Recovery

The disaster recovery "consulting practice" centers around Information Technology professionals with years of experience in management, project management, quality, business resumption planning, operating system support, systems integration, network and sales.

Consulting Services
An approved plan for business-critical IT systems and applications is developed and then all procedures are tested to ensure that the implemented plan matches your business and IT requirements. Delivering your "Business Resumption Plan" at reduced cost and in the shortest timeframe possible is the goal.

- Business Impact Analysis - This service helps you define your recovery requirements from a business perspective and includes assessment of process criticality, resource requirements, Recovery Time Objectives (RTO) and strategies/costs to meet these objectives.

- Business Resumption Planning - Once recovery strategies are approved and implemented, procedures and reference information need to be documented for those business areas and support groups that will be recovered. All plans will include instructions for detection, escalation, notification, alert, declaration, relocation, procedures for recovery and other reference information.

- Operational Review - An operational review is performed to optimize your current processes and programs relating to back-up and restore of customer environments. The chief deliverable includes technical and operational recommendations to improve and optimize back-up and restore programs.

- Technology Recovery Planning - This service provides Resumption Planning services focused entirely on recovery of your information processing and associated networks.

- Technical Scripting - Technical scripting services focus on the development of the technical scripts for restoration and certification of operating, application and network systems.

- Plan Maintenance (IT and Departmental) - Your environment changes, and a formalized maintenance process provides for the ongoing testing and update of your existing Business Resumption Plans for IT business areas.

Disaster Recovery Defined:

DISASTER RECOVERY: Activities and programs designed to return the entity to an acceptable condition. The ability to respond to an interruption in services by implementing a disaster recovery plan to restore an organization's critical business functions.

DISASTER RECOVERY PLANNING: The technological aspect of business continuity planning. The advance planning and preparations that are necessary to minimize loss and ensure continuity of the critical business functions of an organization in the event of disaster. SIMILAR TERMS: Contingency Planning; Business Resumption Planning; Corporate Contingency Planning; Business Interruption Planning; Disaster Preparedness.

"Despite the widespread reporting of disasters and their effects, many companies, corporate directors, and officers remain apathetic toward implementing a disaster recovery plan. Companies are generally unwilling to commit the finances and resources to implement a plan unless forced to do so. However, implementing a disaster recovery plan is a strategic, moral, and legal obligation to one’s company.
If the billions of dollars spent on technology annually to maintain a competitive edge is an indication of how reliant our society is on technology, then failing to implement a disaster recovery plan is an indication of corporate negligence. Standards of care and due diligence are required of all corporations, public or private. Not having a disaster recovery plan violates that fiduciary standard of care." Tari Schreider - DRJ - Spring, 1996

Business Continuity Defined:

What exactly is business continuity? **
Business continuity is a well-defined recovery process to keep your company functioning through just about any disaster that may occur. This may be a natural disaster such as an earthquake, hurricane, or tornado. It can also be a man-made event such as a power outage, programmer error or malicious deletion of data. The end goal is to have a plan in place that mitigates the damage and keeps the company functioning in such a way that your end clients are unaware of the problem situation you may be dealing with. A business continuity plan is much more than just a data center recovery plan. A BC plan also includes recovery of critical data repositories, paper based functions and other critical items that are required to run your business. A complete BC plan will provide for the end-to-end, complete system recovery from the hardware perspective, and the steps necessary to recover the business processes as well.

Why do a BC plan?
The foremost reason behind business continuity planning is that it is good business practice. It assures your employees, stockholders and customers your company will still be in business after a disruptive event. Don’t forget federal regulations. Regulations may require some type of organizations to implement business continuity and disaster recovery projects. Senior executives may no longer have the option to choose whether or not they want to do business continuity. There have been an abundance of new regulations implemented that have reaching effects on many, if not all companies. Some of the following regulations may have an impact on your company business.

HIPAA Plan (§164.308(a)(7)(i))
Every covered entity that deals with protected health information (PHI) must have a contingency plan in place.
Most companies should have been in compliance by April 14, 2003.
Small companies should have been in compliance by April 14, 2004.
National Association of Security Dealers (NASD) Rule 3510 and 3520
Requires members to create business continuity plans and provide emergency contact information. Effective dates:
Rule 3510
Clearing Firms Aug. 11, 2004
Introducing Firms Sept. 10, 2004
Rule 3520 All Firms June 14, 2004
Sarbanes-Oxley Rule 404
Management will establish and maintain internal control structures and procedures for financial reporting.Effective dates:
fully functional by April 15, 2005
Gramm-Leach-Bliley Act (GLBA)
GLBA provides provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions. Effective dates:
Full compliance by July 1, 2001

A business continuity plan should be viewed as an investment in your company. It provides the security in knowing your company should be able to recover and continue from just about any type of disaster.

** - Blackmon, Jeff - DRJ - Spring 2005 - Vol. 18, Issue 2


Web Hosting

Data Recovery

We are proud to be a Gillware Data Recovery Affiliate Partner