Technology Resilience and Business Continuity
Traditional business continuity management
Most organizations have business continuity management processes for ensuring that the business can recover from a severely disruptive incident. An effective process clearly defines the roles and responsibilities for those responsible for its oversight and implementation and the minimum requirements for compliance, including levels of Technology resilience to disruption and disaster recovery capabilities.
A well designed and well defined process is supported by effective and tested procedures and arrangements that are in place to enable the organization to respond to, continue through and come out of any incident that may severely disrupt its ability to provide the normal level of service to its customers and stakeholders. These procedures and arrangements are the basis of the organization’s technology resilience.
Technology resilience is defined as an organization’s ability to maintain acceptable service levels through, and beyond, severe disruptions to its critical processes and the IT systems which support them. The question that needs to be answered is, "What the enterprise has to do if technology fails?"
By understanding the seven (7) following factors C-level executives can get a clear grasp of what their enterprise's technology resilience is. They all have to be included in a technology resilience planning process.
- Awareness is having the knowledge of what the normal business operation requirements are; what dependencies there are on technology; knowing what the criticality of various technology system components and elements are, and the minimum acceptable operational levels and service levels. There must also be an awareness of the recovery requirements in terms of time, system capacity, and performance in the event of severe disruption to, or failure of, IT systems supporting the business processes. These should be identified by an effective business impact assessment/analysis (BIA).
- Protection is more than having physical and system access and security controls. It also means reducing the risk of system failure, e.g. removing single points of failure.
- Discovery is to know when a failure occurs. The use of effective means of alerting to problems enables the IT group to understand and address problems before they result in severe disruption.
- Preparedness means having specific action steps and plans in place to address the effects of a disruption.
- Recovery focuses on returning services and operations to business as usual levels within defined timescales and with minimal acceptable data loss following an event causing disruption or failure. This will only be achieved by having an effective and tested recovery plan which meets the business requirements in place.
- Review and Assessment are essential for every technology resilience program, and include post-incident reviews to identify the root causes of disruptions. It is a continual process that aims to enable the IT team and the business to understand potential issues and to assess and implement preventative actions to remove, or at least mitigate, the risk of severe disruption.
- Improvement is the process of taking the knowledge gained from all the above and taking steps to improve systems and increase resilience and continuously refine disaster recovery and business continuity plans.
It should be noted here that most, if not all, the information required for the above to be achieved successfully will come from effective business impact assessment/ analysis and risk assessment.
Business Continuity Planning Template comes in multiple versions
Disaster Recovery Business Continuity Template (WORD) - comes with the latest electronic forms and is fully compliant with all mandated US, EU, and ISO requirements.
- Fully editable Disaster Recovery Business Continuit template
- Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031, ISO 22301, and ISO 28000
- Disaster Recovery Manager Job Description
- Manager Disaster Recovery & Business Continuity Job Description
- Application Inventory and Business Impact Analysis Questionnaire
- Incident Communication Plan and Policy with BEST PRACTICES for
- News Conferences
- Media Relations
- Social Network Checklist
- Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electronic Forms that can be e-mailed, completed via a computer or tablet, and stored electronically including:
- LAN Inventory, Location Contact Numbers, Off-Site Inventory, Pandemic Planning Checklist; Personnel Locations, Plan Distribution, Remote Location Contact Information, Server Registration, Team Call List, Vendor Contact Information, and Vendor/Partner Questionnaire
- Added Bonus - Safety Program Electronic Forms -- Area Safety Inspection, Employee Job Hazard Analysis, First Report of Injury, Inspection Checklist - Alternative Locations, Inspection Checklist - Office Locations, New Employee Safety Checklist, Safety Program Contact List, and Training Record
- Disaster Recovery Business Continuity Template
- 20 Job Descriptions (WORD)
Chief Information Officer - CIO, Chief Security Officer - CSO, Chief Compliance Officer - CCO, Chief Mobility Officer, VP Strategy and Architecture, Director Disaster Recovery and Business Continuity, Director e-Commerce, Director Media Communications, Manager Disaster Recovery, Manager Disaster Recovery and Business Continuity, Disaster Recovery Coordinator, Disaster Recovery - Special Projects Supervisor, Manager Database, Capacity Planning Supervisor, Manager Media Library Support, Manager Record Administrator, Manager Site Management, and Pandemic Coordinator
- Disaster Recovery Business Continuity Template - Full template with all of its attachments.
- 320 IT Job Descriptions including all of the job descriptions contained in the Premium edition.
With this offer you save almost 50% from the base price of these two very popular products