Disaster Survival & Business Continuity Planning: FAQs for SMBs

Disaster Survival & Business Continuity Planning: FAQs for SMBs

The recent natural disasters, earthquakes in Japan and tornadoes here in the United States, have provided a timely platform to discuss the importance of Disaster Recovery and Business Continuity Planning. Businesses that do not plan ahead for the worst-case scenario, will be caught off guard and left unprotected if and when unplanned disruptions threaten to completely shut down business operations.

Start planning before disaster strikes. Taking a proactive approach, as opposed to a reactive approach, to disaster survival will make all the difference in how your business weathers the storm (or the fire, or the tornado, or the flood).

Last week, ACE IT Solutions blog series on Disaster Survival for Businesses discussed 16 points that need to be considered when creating a Disaster Recovery and Business Continuity plan.  This week’s post features answers to businesses’ most frequently asked question about planning for disaster survival.

What is the difference between business continuity and disaster recovery?

Business continuity plans extend beyond technology to focus on critical operations and processes — business continuity determines how a company will continue to do business until a full recovery occurs. Disaster recovery is the process by which you resume business after a disruptive event. Events are not limited to natural disasters, such as floods, storms, and hurricanes; they also include fires that damage your physical property, and pandemics that affect business productivity. Malfunctioning technical systems, spam or viruses, or other system outages and downtime are covered under such plans.

What should be included in a Business Continuity and Disaster Recovery Plan?
A comprehensive plan needs to address how employees will communicate, where they will go, and how they will continue to do their jobs. Details will vary depending on the business. Every plan should address physical, IT, and human resources, and the business-critical processes most important to the company. The plan should designate a person or people responsible for maintaining and testing the plan, and executing the plan in in the event of a disaster.

What disasters should the plan address?
Risk assessment is a key component of business continuity and disaster recovery planning. An organization must first consider which disasters might realistically impact their business, then plan based on those scenarios. Disruptions includes the entire spectrum of scenarios from power failures to acts of war.

Possible crisis include:

  • Building fire
  • Long-term power outages
  • Hard drive failure
  • Floods
  • Internet connectivity failure
  • Data line failure
  • Earthquakes
  • Hurricanes
  • Epidemics that might cause a decrease in staffing
  • Transportation shutdowns due to weather
  • Terrorist attacks
  • Acts of War


Why is testing a Business Continuity and Disaster Recovery plan important?

Testing ensures that the business continuity and disaster recovery plan meets your current business needs so your organization will be fully prepared to continue business operations in the even of a serious disruption. Failure to test could mean major outages for your company. Critical business systems will not function properly. It could take days, or much longer, to bring your business back online.

What should be tested?
Typically, you would test systems related to your daily workflow and mission-critical business applications and processes to be sure your business can remain fully functional during a disruption.

Will testing disrupt our normal business operations?
Testing can be done in a way that avoids major disruption to your production environment. Virtualization as a disaster recovery strategy is popular because it allows for easy testing with very few disruptions. Our experts have the knowledge and skill to test plans with minimal impact on daily operations.

How often should we test?
That depends on nature of your business. Financial firms, which tend to be very dynamic and are required to have a working plan in place, should test quarterly. Biannual or annual testing might be suitable for less dynamic businesses.

Can businesses outsource contingency measures?
The most common outsourced services include offsite data storage, remote workstations, and consultants that assess your situation, determine the risks to your business, work with you to create a realistic plan that fits your budget, and document and test the plan.

ACE IT Solutions’ proven best-practice approach lowers program costs and speeds recovery time in the event of a disaster. Drawing on our expertise and technical knowledge, we will design and implement a plan customized for your business to ensure you have the tools in place to respond to a disaster with as little disruption as possible. Contact us for a consultation.

For more information, read the whitepaper:
Business Continuity & Disaster Survival Overview: Maintaining Business Operations when Disaster Strikes