Business Continuity - 1 Minute Of What, Why And How
05 Feb 2012 | Category: continuity-disaster-recovery | Author: admin
Business continuity management has been around for ages. Think of Noah's ark! Although many definitions exist, in essence it is about trying to avoid bad things happening to your business but having a plan if they do.
This can cover a lot of things such as taking out insurance, adding extra security measures or even changing the way you do things. It can reveal the need to create a specific plan. Eg how to work elsewhere in case your premises are out of action.
Since you cannot plan for every possible threat or spend a fortune on stuff you might never need, some tips and techniques have been developed to help you prioritise the planning aspect;
- Identify the really important things you do and what things you need to do them. Eg. You decide customer deliveries are more critical than marketing, training etc. You only have one delivery lorry. You get it serviced regularly and have arrangements to borrow a friend's lorry at very short notice.
- Plan for the effects of disruptions and don't get too bogged down in the causes. Eg. Your plan is in place to borrow another lorry at short notice. So it doesn't matter if it breaks down, gets clamped, stolen or damaged.
In the past business continuity management used to focus on threats to IT equipment and computer data. Nowadays it is recognised that you must consider all your crucial resources such as people, information, supply chains and reputation etc.
Why do it?
Modern business is tough and new threats are joining the old ones; computer viruses, theft, vandalism, severe weather, IT failure and floods. Terrorism and tornadoes make the news but quiet disasters happen more often, such as the leak that sprung over the weekend or the road works that have cut your phone line.
New ways of doing business put greater pressure on your ability to deliver. Everything depends on computers, supply chains are stretched across different countries and many functions have been outsourced. There seems to be less staff and more regulations. Journalists and lawyers are quick to pounce on every mistake. Customers can compare prices and switch suppliers at the click of a mouse.
Reasons to engage in business continuity management:
- Ensure the business survives disasters
- Reduce the costs of disruptions and emergencies
- Gain advantage over competitors by marketing your reliability to customers
A lot customers now want to see evidence of business continuity planning. In the UK Sainsburys supermarket has starting vetting its small suppliers. The recent Civil Contingencies Act requires health authorities, emergency services and local authorities to start assessing the business continuity plans of their many thousands of suppliers.
How to?
Ensuring the things your business needs (people, equipment, premises etc) are resilient is not an overnight task. It requires some deep analysis of your business to begin with and then a programme of testing and re-appraisal to ensure you are keeping up with change. Eg. New equipment, new products, new competition, new laws, your friends sells his lorry!
Large companies can employ staff dedicated to risk management and business continuity planning. Medium sized companies can kickstart their planning using consultants. (The Business Continuity Institute can provide a list.) One or two day training courses also exist.
Business continuity management is even more important for small businesses because their margins and budgets cannot withstand heavy knocks. There is some free information available on the internet including templates and guidance documents.
The Importance of Business Continuity Planning
17 Dec 2011 | Category: continuity-disaster-recovery | Author: admin
Business continuity planning is the process whereby a firm figures out a plan of action that it will take in the case of unforeseen events. The process anticipates risk and helps limit the downside that companies may experience when adverse events occur.
While these types of plans are common in large public entities, they often go uncompleted in emerging ventures. This is because emerging ventures typically have less resources and more critical day-to-day tasks to complete. As such, business continuity planning often gets pushed aside until it's too late.
Recent events ranging from Hurricane Katrina to the New York City Transit Union strike show that there are many adverse events that could arise with little or no warning. Such events often destroy businesses that are ill equipped to deal with them.
Emerging ventures must create business continuity plans. Such plans will include backing up work and communicating and/or meeting virtually when required among others. Regardless of the specifics of a company's plans, it must brainstorm potential situations and determine how it will deal with them before they occur.
Fortunately for emerging ventures, business continuity planning can also have positive short-term effects. By assessing multiple what-if scenarios, businesses often come up with new product and service ideas, or new ways of doing business that can increase profits even when no disaster occurs.
It is never too early to begin continuity planning, but clearly there are times when it is too late. As a result, sitting down and beginning your plan today is good business.
Five Steps to Protect Your Business System from a Disaster
28 Oct 2011 | Category: continuity-disaster-recovery | Author: admin
You never know when disaster might strike. If one happens, the first thing on your agenda as a staffing business owner or manager, after assuring the health and safety of yourself and others will probably be: "How are we going to do business?"
The lifeblood of any staffing business is information. Your client data, orders, assignments, employee information, payroll and billing data, and more. Information that's locked securely away in your software and systems, unless they are destroyed in some kind of disaster. While you can't anticipate when or if a disaster might occur, you can prepare for the possibility of such an event.
How do you get started? There are essentially five steps that must take place in order to protect your hardware and software investment from a natural disaster:
- Create a Disaster Recovery Team
- Develop a Disaster Recovery Plan
- Test the Plan
- Communicate the Plan
- Implement the Plan
Let's break these five steps down one by one to provide more specifics:
Create a Disaster Recovery Team -- Disaster preparedness and recovery is a team effort. There must be a group in place that has been briefed on what procedures and protocols to follow should an event take place. This team should be made up members from four organizational components of your firm:
- Information Technology -- the team member that is most critical to success
- Operations -- your customer liaison
- Administration -- the finance side of the business
- Management -- Buy in from the top is critical
Each member of the team is important but look to your IT representative to pull the whole plan together and make it work.
Develop a Disaster Recovery Plan -- Now that you have pulled together a team, it is time to put your plan down on paper. Remember that your plan should be flexible enough to handle different types of disasters, everything from a simple power outage all the way up to a major incident. The plan should include three phases, which are:
- Preparation phase -- what are you going to do before the event to ensure that you are ready?
- Implementation phase -- now that the event is upon us, what do we do?
- Post audit phase -- now that we have implemented our plan, what needs to change?
Input from all business unit representatives on your team is critical. While building the plan each team member should be considering three basic questions:
- What could my group do to prepare?
- What will we do to keep the business running in the event of a catastrophic situation?
- What dependencies upon other groups do I have, and have I spoken to those people about their ideas, suggestions, and concerns?
You'll probably want to gather some additional information to assist you in developing a comprehensive plan that's right for your staffing business. Then, assemble the following information:
- Organization chart showing names and positions
- Staff emergency contact information
- List of suppliers and contact numbers
- List of emergency services and contact numbers
- Operations and Administrative procedures
- Asset inventories
- IT inventories
- IT system specification
- Copies of critical software
- Communication system specification
- Copies of maintenance agreements and service level agreements
- Off-site storage procedures
Test the Plan -- Once the plan is developed and documented the next step is to test it with a dry run. This will take a detailed level of coordination among the Disaster Recovery Team members. The idea is to keep this test as realistic as possible. That may mean that it happens in the middle of the night and the group has to assemble and report into the team leader. It is better to test it when you don't need it instead of finding out at crunch time that there are holes in the plan.
After completing the test, there will surely be some modifications. These changes will be uncovered once the team has a chance to sit back and review each phase of the plan in detail. You should test your plan at least once a year and then update it as needed. Open communication is important to successfully modifying the plan so it will work for your company.
Communicate the Plan -- Now that you have a tested plan that you're confident in, don't keep it under wraps! Let your entire company know that you have a plan, that a team of representatives from each department was involved in the creation of the plan and that if disaster should strike -- you will be ready. There should be a representative from each of your business units that is responsible for communicating the plan to their peers. The plan should be well-documented, including contact information for the primary and secondary stakeholders, and then distributed to the entire company.
Don't forget that communication of your disaster plan extends to your clients, candidates, and associate employees as well. Letting them know that you have a plan in place gives them the assurance that you're thinking of the business relationship you have with them and that you will do everything possible to maintain it.
There is an added bonus to this complete and thoughtful level of communication. This will give your staff an increased feeling of confidence and preparedness. It may also encourage your staff to take this 'plan before you need it' approach in their daily work lives.
Implement the Plan -- When the time comes, don't panic, implement. You have prepared, documented and tested -- now put it into action. Remember, this event wasn't scheduled, so be as flexible as possible in a time of crisis. You have been proactive in your planning but implementation is a time to also be reactive to the current situation. Also, remember to perform a post audit after the dust settles. Constant evaluation of your plan based on what you learn will ensure that is up to date and as efficient as possible.
Each of these five steps is critical to the success of the overall goal of being prepared. Your company and your situation are unique but the guidelines detailed above offer a blueprint for preparedness should a disaster occur. With a strong plan in place before any disaster, you'll be able to get your business running with the least possible impact.
SIDEBAR: One staffing firm's Disaster Recovery Plan.
Hurricane season hit Florida hard in 2004, and Britt Landrum III, Chief Technical Officer of Landrum Staffing Services in Pensacola, knew that he was lucky to have survived without significant damage to his business. He was determined to implement a disaster recovery plan for their information systems so that he would have greater peace of mind in the future.
Britt considered setting up an offsite environment in Pensacola to house another server to support their staffing software for emergency purposes. Exploring his options to this plan, he spoke to his staffing software vendor, VCG, about housing his server in VCG's state of the art facility in Atlanta.
For his plan to work, Britt needed to have a parallel computer hardware/software environment ready on a moments notice so that his business would experience minimal interruption in the event of a disaster. VCG has a reliable history of hosting multiple environments for their customers, so they were quickly able to come up with a solution tailored for Landrum Staffing's needs.
VCG's proposal was elegantly simple. A 'snapshot' of Landrum's data (changes to the data made that day) in Florida would be made each evening and then downloaded to the server in Atlanta. The server, the staffing software, and the data would then be instantly available to Landrum's staff should they need it through a remote connection.
In addition, VCG would take care of all the day-to-day management of the server in Atlanta. VCG would charge a fixed monthly rate for the disaster recovery services, just as they would for an ASP or Managed Services customer.
Britt Landrum was quick to point out that, "VCG's continuous commitment to our relationship and the way that they support their products were the driving factors behind our partnering with them on this project", said Britt. "We have a long history with VCG as clients since 1978, and they have always been there to support us when we needed them."
Page 1 of 11 Last >> Next > < Previous << First