Follow a Planning Process – Business Continuity Whitepaper
Once you have the go-ahead, how do you actually get started? Fortunately, there are a pretty standard set of things a business continuity plan should encompass. Obviously the first priority is to protect human life. However, much of the planning focus is necessarily on how to manage the smaller, less critical events, which happen much more frequently than catastrophic ones. According to Tom Olzak, an author and blogger for CSO online.com who has almost three decades of experience in network engineering and security, well-planned business continuity event management has several goals:
To minimize the business impact of each incident.
To address human safety.
To mitigate corporate liability due to lack of due diligence.
To meet regulatory requirements.
To protect the organization’s public image by a fast, professional response.
“A business continuity plan includes all documentation necessary to mitigate business impact and to recover broken processes,” Olzak writes. Chief among those are plans for putting manual processes in place, so that you can continue to deliver products or services—even at a lower level of output—until the business has fully recovered.
The plan should also include instructions for recovering individual devices or systems, disaster recovery processes for catastrophic events, and possibly contacts or agreements for alternate data centers or business office sites as well as alternate staffing.
Part of the initial planning process should include creating a list of stakeholders for each supported system. These lists will become part of your overall incident response plan. According to Olzak, stakeholders might include: data owner, process owner, managers, public relations, legal, security, help desk, facilities management, labor unions, and key customers.
Follow a Planning Process – Business Continuity Whitepaper
Once you have the go-ahead, how do you actually get started? Fortunately, there are a pretty standard set of things a business continuity plan should encompass. Obviously the first priority is to protect human life. However, much of the planning focus is necessarily on how to manage the smaller, less critical events, which happen much more frequently than catastrophic ones. According to Tom Olzak, an author and blogger for CSO online.com who has almost three decades of experience in network engineering and security, well-planned business continuity event management has several goals:
“A business continuity plan includes all documentation necessary to mitigate business impact and to recover broken processes,” Olzak writes. Chief among those are plans for putting manual processes in place, so that you can continue to deliver products or services—even at a lower level of output—until the business has fully recovered.
The plan should also include instructions for recovering individual devices or systems, disaster recovery processes for catastrophic events, and possibly contacts or agreements for alternate data centers or business office sites as well as alternate staffing.
Part of the initial planning process should include creating a list of stakeholders for each supported system. These lists will become part of your overall incident response plan. According to Olzak, stakeholders might include: data owner, process owner, managers, public relations, legal, security, help desk, facilities management, labor unions, and key customers.