Business Continuity Planning (BCP)
Disaster Recovery (DR)
Disasters can strike at any moment. We often think of the big natural disasters such as hurricanes, tornados, earthquakes, and floods. But what about more localized disasters? What would your business do if a truck carrying hazardous materials flipped over in front of your place of business? Or if a water main broke and flooded your place of business. What if a severe flu epidemic required people (customers) to stay home for a month? Or the IT systems that run your business crash?
Business continuity planning (or business continuity and resiliency planning) involves the identification of prevention and recovery mechanisms in response to the potential threats to a company. Any event that could negatively impact operations or human life, and the associated mitigation strategies for each, is included in the plan. Events may include supply chain interruptions, loss or damage to critical infrastructure (e.g. major machinery or computing resources), and environmental disasters. Mitigation strategies may include technical resources, personnel roles and responsibilities, and associated policies and procedures. As such, business continuity planning is a subset of risk management and correlates with incident response and DR planning.
A disaster recovery plan includes documented policies and procedures an organization follows for the recovery and protection of IT infrastructure and data assets in the event of an environmental and/or facility disaster. An effective plan provides a comprehensive action plan to be observed by all applicable organizational units before, during and after a disaster.
Disaster recovery and business continuity are commonly confused, and are often considered a single activity. The primary distinction between disaster recovery and a business continuity plan (BCP) is that DR refers to the recovery of critical Information Technology components that facilitate business activities, and BCP refers to the physical and administrative provisions necessary to ensure the safety of human life and that employees are able to continue to conduct business if a disaster occurs (such as procuring alternative workspace and means for communication).
BRC services for Business Continuity Planning / Disaster Recovery
- Development of Business Continuity Plans
- Development of an Incident Response Plan
- Development of Disaster Recovery Plans
- Review of existing BCP Plans
- Facilitating testing of BCP and DR plans via table-top exercises or a full simulated disaster.
IT Risk Advisory Services TEAM