Business Continuity vs. Disaster Recovery: 101 Crash Course

Author: Degree

We live in a world of uncertainty where it seems anything can happen at any time and affect not only our personal lives but also impede our ability to run our businesses. Unexpected events can wreak havoc and disrupt the way you navigate your day-to-day activities. The global coronavirus health pandemic is bringing to the forefront the fragility of our economic engine.

The Cheesecake Factory announced they will be unable to pay rent for any of their properties April 1st, Instacart is struggling to meet demand and is facing a full labor strike, and countless other businesses are seeing disruptions in their supply chains. For this reason, we believe it is necessary to discuss the importance of a well-organized Business Continuity Plan (“BCP”) and Disaster Recovery Policy.

A properly structured Business Continuity Plan will minimize the impact of adverse events that threaten your company’s ability to operate. A BCP is a must-have tool in any successful business’s arsenal, think of a BCP as your proverbial toilet paper, bottled water, and Lysol all rolled into one! In this quick read, we will cover key aspects to include in your BCP and Disaster Recovery Policy.

What is a BCP?

A Business Continuity Plan is a written strategy developed to prepare your company for a variety of “worst-case scenarios”.  There are 6 main disaster categories that a business must be prepared for. Global Pandemics, Natural disasters, Man-made disasters, Utility failures, Intentional Sabotage, and Cybersecurity attacks.

Your BCP should consider weaknesses and threats that could impact your company’s ability to operate at normal capacity. The BCP should detail actionable guidance for staff on how the company can mitigate the impact of “worst-case scenarios,” and quickly get back to normal operational status.  Remember at the core, a BCP is put in place to minimize damages and maintain the company´s reputation and viability.

How to create a BCP and what elements should it include?

There is a lot of guidance available online concerning how to construct a BCP. We encourage you to leverage these resources to gain a deeper understanding of Business Continuity. At AskDegree we have implemented BCPs for many of our clients and from our experiences, we have come up with a list of elements you should include in your BCP:

  1. Plan Champions – Identify all key stakeholders and detail their responsibilities within the BCP.
  2. Objective and Reach. – Be sure to properly scope out your plan to include all critical business areas and functions.
  3. Activation Guidelines – Clearly communicate what triggers the plan’s activation. Ensure all of your staff know when the plan should be activated.
  4. Holistic Approach – Don’t just focus on the reaction strategy, strengthen your plan by including a robust prevention and recovery strategy.
  5. Procedures: Leverage graphics, communicate with process diagrams or step by step descriptions. Procedures should be as clear as possible, clarity is critical when responding to a disaster.
  6. Checklists: Use checklists to keep track of procedure completion.
  7. Review Schedule – Plan should be reviewed at least annually to ensure BCP captures up-to-date information.

Disaster Recovery Plan (“DRP”)

The Disaster Recovery Policy is a subset component of the BCP. This policy’s purpose is to describe the procedures that must be followed in order to assure the organization´s quick and successful recovery after the disaster has occurred. A Disaster Recovery Policy can range in sophistication from basic to comprehensive. DRPs can be captured in a few pages or can be robust documents upwards of 100 pages long. It is important that your DRP fits your organization’s unique profile, off the shelf documents, though abundantly available online must be customized in order to get the full value and security that your organization needs.  Only a well-crafted DRP provides guidance to the company on how to recover your systems, personnel, and other critical aspects of your business from damages caused by the disaster.

Coronavirus Pandemic: How to mitigate the consequences of a global pandemic?

In a situation as unpredictable and altering as COVID-19, your most important tool is your perspective, it is extremely important to remain levelheaded, try to think clearly and resist the temptation to become panicked.

If you haven’t completed your BCP, that’s ok you can still put together a plan to minimize damages. The first step you should complete is an inventory of key business functions. A key business function can be simply defined as a function that if interrupted, will disrupt overall business activities. Examples of key functions include the sales function, a customer service system, or the shipping department. Work to put in place safeguards to ensure your key functions are protected, design workarounds to ensure minimal impact to these functions occurs throughout the pandemic.

We know social distancing is key to minimizing the spread of the virus, so if working from home is feasible for your business model, deploy this workaround sooner rather than later. But before deploying this solution be sure proper network security measures have been implemented (i.e. VPN).

Take it one step at a time.

The modern world is experiencing economic turbulence that is unfamiliar to us all. Educating yourself can empower you and your business, allowing you to weather this storm and come stronger on the other side. If you need assistance developing your Business Continuity Plan or Disaster Recovery Policy our team is ready to take your call.

Tags: , , , , , ,

Leave a Reply