Disaster Planning Risk Assessment


The Standard for Disaster Recovery and Business Continuity

Order Disaster PlanDisaster Plan TemplateDisaster Plan Customers


A major part of the disaster recovery planning process is the assessment of the potential risks to the organization which could result in the disasters or emergency situations themselves. It is necessary to consider all the possible incident types, as well as and the impact each may have on the organization's ability to continue to deliver its normal business services.

Risk Score

This can be complex and demanding. To assist in this risk assessment process Janco has provided a number of tools. the Exhibit on the right is one such example.

There are many potential disruptive events and the impact and probability level must beassessed to give a sound basis for progress. To assist with this process the following list of potential events has been produced:

Environmental Disasters

  • Tornado
  • Hurricane
  • Power Grid Failure
  • Flood
  • Snowstorm
  • Ice Storms
  • Earthquake
  • Electrical storms
  • Brush Fire
  • Forest Fire
  • Structure Fire
  • Sink Holes
  • Landslides

Man Made Disruptions

  • Terrorist Attack
  • Sabotage
  • War
  • Theft
  • Arson
  • Labor Disputes

Equipment or System Failure

  • Internal power failure
  • Air conditioning failure
  • Cooling plant failure
  • Equipment failure

IT Failures and Security Breaches

  • Cyber crime
  • Loss of records or data
  • Disclosure of sensitive information
  • IT system failure

The Disaster Recovery / Business Continuity Template includes a threat and vulnerability assessment tool to aid you in classifying the risks enterprises face.

 

    Order Disaster Plan      Disaster Plan Sample

 

 

 

 

 

Disaster Recovery / Business Continuity Risk Assessment News



Causes of Disasters

Disaster Causes

According to Janco Associates, the primary factor in the activiation of Disaster Recovery and Business Continuity Plans is computer hardware failure.

- more info


Google person finder may be an options to include in disaster plans

Disaster plans need to include a way to contact individuals who are in the area after an event.

Google has a tool to help people locate friends and loved ones who have been affected by the 8.8.-magnitude earthquake in Chile.

Google Person Finder allows users to search for information about people by name or leave information about people in both English and Spanish. The page said it contained 22,900 records. However, the page cautions users that all data input would be viewable and usable by all and that the company plays no role in verifying the information. Google had set up a similar Person Finder tool after Haiti's recent earthquake.

- more info


IT Systems Will Soon Start to Fail on a Regular Basis

There is a big crunch coming, and companies will start to experience ever greater IT failures unless they start buying new hardware.

When the recession started, IT spending fell off a cliff.  Hardware and software companies are hoping that IT spending will make a strong comeback because of the pent up demand and the fact that there is a lot of aging IT gear installed today.

Most companies have extended their maintenance contracts, but, at some point, that will not be enough as IT systems start failing.

Predicting IT failure is not a hard thing to do. When you deal with tens of thousands, and even hundreds of thousands of servers, data storage systems, network equipment, etc, it is a relatively simple statistical exercise.

The fact that IT systems are aging.  Maintenance contract prices increase every year that older equipment is kept working. At some point it becomes more expensive than upgrading. And upgrading brings additional benefits such as higher performance from the latest processors and subsystems.

Currently, a large part of an organization's IT budget is being spent on regulatory compliance issues, and on security, which is related to regulatory compliance. For the executives, being in compliance means not going to jail.

But if you can't run your business IT applications reliably then being compliant becomes a moot point. So, will spending on basic IT infrastructure come roaring back this quarter? Or will companies try to eek out another few months of performance out of their aging IT systems?

- more info


Disaster Planning is Complex

An increasing number of professionals know that small-scale emergencies can be contained if staff members are prepared to react quickly. Damage can be limited even in the face of a large-scale disaster. For example, cultural institutions in Charleston, South Carolina, formed a consortium that focused on disaster preparedness several years before they were hit by a hurricane. Many of those institutions sustained only minor damage because they were able to put their early warning procedures into operation.

Disaster planning is complex; the written plan is the result of a wide range of preliminary activities. The entire process is most efficient if it is formally assigned to one person who acts as the disaster planner for the institution and is perhaps assisted by a planning team or committee. The enterprise's director may play this primary role or may delegate the responsibility, but it is important to remember that the process must be supported at the highest level of the organization if it is to be effective. The planner should establish a timetable for the project and should define the scope and goals of the plan, which will depend largely on the risks faced by the enterprise.

- more info


Data protection in a state of flux

The state of IT Disaster Planning and data protection is in flux. Conventional models of backup and restore have become obsolete and are being replaced by newer dynamic paradigms that involve disk-to-disk, virtual server provisioning, sophisticated data deduplication, and appliance-based operations. 

Disaster Recovery Plan - Business Continuity Plan Template

ISO 27000 ( formerly ISO 17799 ) - Sarbanes-Oxley - HIPAA - PCI-DSS Compliant

OrderDownload Table of ContentsLessons Learned

Janco has identified four primary business drivers of data protection:

  • Provide Business Continuity and Disaster Recovery. This is the traditional concern of mitigating exposure to information loss. However it has grown more complicated as 24/7, global economy, and open source have become standard business issues. Of paramount importance is overcoming the hurdles associated with backup window requirements, application performance, reliability and consistency, and recovery time.
  • Streamline Process Management and Increase Productivity. As staff and resources become overburdened, companies are refocusing on process management. Easing critical pressure points is often the catalyst to surviving a difficult fiscal climate.
  • Contain Storage and Server Costs. Controlling cost of operations has become a top priority for many organizations. With data growing at exponential rates, these costs can easily mushroom.
  • Support IT Infrastructure Consolidation. Today's data protection architecture seems to be intrinsically broken - as characterized by slow backups, complex recoveries, compromised application performance, and difficult resource administration. IT infrastructure consolidation including server virtualization magnifies the problems and elevates the rearchitecture of storage and data protection as a priority. Finding high performing, easy-to-use, scalable data protection remains a key imperative. Further, system migration of production servers and critical applications to a virtual environment are likely to be costly and painful unless an easy and minimum-impact solution to migration is built into the rearchitecture.
- more info