Business Continuity and Disaster Recovery - Risk Analysis and Control

In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.

A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.

Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.

Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.

Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.

The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

More Resources

Unable to open RSS Feed $XMLfilename with error HTTP ERROR: 404, exiting

More Data Recovery Information:

Related Articles

Offsite Data Backup Not Just for Fortune 500 Companies Anymore
In today's high paced digital world there is a very high value placed on information. Not just the kind of information you read in the newspaper or your favorite trade journals, but the type of information that we generate on a day to day basis with our digital devices.
Data Recovery The Easy Way
If you aren't prepared in advance, you will most likely have to use a data recovery service or data recovery software solution to help get back as much as you can of what was lost. This can be a very good idea if there is no other way to recover your files, but it doesn't have to come to that in most cases.
9 Things to Look for when Considering Data Backup Solutions
It's one thing to loose data and money because of hackers and thieves of various kinds; it's a different thing again when it's because you didn't back up your data properly or not at all. Value your data! Whether it's that critical business document, your thesis, your website or your home accounts and precious photo's.
How To Use Spyware Elimination Software
Spyware elimination software is designed to detect andeliminate spyware. A large number of spyware eliminationsoftware products are available.
Comparing Data Recovery Software
Software programmers recognize the importance of data files, and thankfully, they have been able to create products that demonstrate their understanding of how often people accidentally delete or lose important data. Thanks to software programmers and development companies, people have a variety of data recovery software programs available to purchase in the event they've lost vital data.
The Seven Golden Rules Of Data Backups
Backups of company data are carried out for two main reasons. The first is to cater for those times when a document is inadvertently deleted or damaged and you wish to recover the original document; the second is as part of a disaster recovery plan in case something catastrophic happens to your computers (e.
Business Continuity and Disaster Recovery - Business Impact Analysis
Business impact analysis is a critical part of the business continuity planning process. This step quantifies data and gets into the real world issue of potential losses that can negatively impact your business.
I Lost It! Simple Guide To Recovering Corrupted Images And Files
WinUndeletehttp://www.deprice.
Backup Schmackup: Im Afraid, Very Afraid!
"Why should you be afraid?", I can hear you ask.I just got an email from my friend Miche who said,"My laptop is sick at the hospital.
Business Continuity and Disaster Recovery - The Business Continuity and Disaster Recovery Plan
Essentially, the plan addresses the who, what, where, why and when of recovery. Goal number one is to reduce the risk profile of the business.
Computer Data Recovery Options
Losing files on your computer can be a frightening experience if the files are of importance to you personally or professionally. Computer data recovery techniques include the most simple of operations, like simply retrieving an accidentally deleted file, to very complex file retrieval procedures that only professionals should attempt to do.
Protect Yourself Before Your Hard Drive Crashes
Almost everyone who has used a computer has experienced a hard drive problem at some point. Are you prepared to lose your data? If your hard drive crashes right now, do you have an action plan to follow?Most people get complacent about protecting the data on their computers.
How Secure Are Online Data Backups?
Processing DATA is what all businesses do. Protecting data is what SMART businesses do.
Data Recovery - You Can Get It Back!
Data recovery is a process whereby you can save data andfiles you accidentally deleted, had eaten by malicioussoftware or viruses, hardware failures, corporate espionageand many more scenarios. Most people believe that when thehard drive crashes their world ends also, but that's notusually the case.
Business Continuity and Disaster Recovery - Selecting A Business Continuity Strategy
The risk analysis and business impact analysis have identified risks to key business functions. Also, the potential impacts and probabilities of these risks as well as the costs to prevent or mitigate damages and the time to recover will have been established.
Online Data Backups for Newbies
How long have you been doing business online? Whether you are new or an old timer you need to understand the one important truth of the e-world. That being that the largest threat to business survival is data loss.
When Disaster Strikes: How Long Would Your Business Survive if Files On Your Computer Disappeared?
A Tornado? In Birmingham? In The United Kingdom? Unthinkable!Yes, in July 2005 (while I was putting finishing touches to my cave-house in Spain) my house, along with many of my neighbours' houses was struck by a powerful tornado that literally tore up the streets. Leaving people homeless as their homes were bulldozered (with all their possessions inside).
Sea-Front or Action-gate
June 25, 2005Seagate Technologies' web site now indicates the company offers data recovery services. Further investigation shows the shipping address, the place to send your subject drive for data recovery service, actually belongs to ActionFront Data Recovery.
How to Survive an Operating System Crash
"We apologize for the inconvenience, but Windows could not be accessed or located."It happens to the best of us.
Business Continuity and Disaster Recovery - A Business Not a Technology Issue
Hackers, hurricanes, fires, flooding, power outages, denial of service attacks, application failures, employee error, sabotage and now terrorism are helping companies to focus on the necessity of a business continuity plan.Through the late 1990s as companies prepared for Y2K, many IT executives, risk managers, CFOs and corporate managers realized that recovering computing systems, networks and data was not enough.