Business Continuity and Disaster Recovery - Risk Analysis and Control

In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.

A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.

Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.

Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.

Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.

The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

More Resources

Unable to open RSS Feed $XMLfilename with error HTTP ERROR: 404, exiting

More Data Recovery Information:

Related Articles

Is Your Backup Good Enough?
As someone who has seen quite a few hard drive crashes over the years, I believe that performing a full backup of your computer's hard drive should be an important part of your weekly (if not daily) routine. There's nothing more frustrating & costly than trying to restore a computer with only a handful of Floppy disk drives, a couple of scratched CD-ROMs or poorly stored backup tapes.
Business Continuity and Disaster Recovery - Reducing Your Risk Profile
Like all plans, there is an ultimate goal to achieve. The goal in a business continuity plan is simply that: to continue your business in the face of a disaster or a disruption.
Disaster Recovery Made Easy With Online Backups
Whenever disaster strikes the most critical asset that every company should have protected from sudden loss due to fire, flooding, or theft is their data. No matter what happens to your hardware you can be sure to be able to be up and running no matter how sudden or how severe your damage or loss is - if you use an online backup system.
Are The Words Business Continuity and Disaster Recovery Planning Rolling Off Your Lips?
It might be more fun to talk about those free online business cards that are saving the company money, or those nifty designer business checks that are helping to solidif your branding efforts at the next staff meeting, but what really should be rolling off your lips are the words "business continuity and disaster recovery planning". Nothing is more important to a company than having a comprehensive recoveery plan in place prior to when disaster strikes.
When Disaster Strikes: How Long Would Your Business Survive if Files On Your Computer Disappeared?
A Tornado? In Birmingham? In The United Kingdom? Unthinkable!Yes, in July 2005 (while I was putting finishing touches to my cave-house in Spain) my house, along with many of my neighbours' houses was struck by a powerful tornado that literally tore up the streets. Leaving people homeless as their homes were bulldozered (with all their possessions inside).
Data Recovery: Beginners Tips
Right now you probably in a lot of mental pain, and all you're concerned about is recovering your data as quickly as possible - so we'll refrain from comments on the wisdom of regular back ups. The time for preventative measures has gone - the issue at hand is data recovery.
5 RAID Data Recovery Prevention Tips
If you have spent the time to increase your computer'sperformance by setting up a hardware RAID array, you owe it toyourself to invest a little extra time and effort in maintainingthe hard disks in your setup. Following these tips will helplimit the need for data disaster recovery in the future.
Comparing Data Recovery Software
Software programmers recognize the importance of data files, and thankfully, they have been able to create products that demonstrate their understanding of how often people accidentally delete or lose important data. Thanks to software programmers and development companies, people have a variety of data recovery software programs available to purchase in the event they've lost vital data.
Backing Up Personal Computers
Backup on business computers is typically not the user's concern unless it's a small business. A business should have a policy in place for managing backups especially due to Sarbanes - Oxyley.
The Best Data Recovery Choice For You
The best defense against a loss of data is a really solid and faithful backup routine of important files to reliable media. It's also a good idea for the media to be removable and portable if possible so that even if something happens to your whole computer for any reason, the data is protected by being in a totally different physical area.
How to Survive an Operating System Crash
"We apologize for the inconvenience, but Windows could not be accessed or located."It happens to the best of us.
Computer Data Backup - Data Backup Solution Will Give You A Peace Of Mind
Imagine that you have been working on a file for the entire day and there was a power surge that caused your computer to 'black out'. It would have been a frustrating experience for us as we had put in a lot of time and effort into it.
Did You Loose Your Windows XP Password? What Should You Have Done Before it Happened?
There is a common problem that happens with lot of computer users. This problem is the loss of a password.
Business Continuity and Disaster Recovery - The Business Continuity and Disaster Recovery Plan
Essentially, the plan addresses the who, what, where, why and when of recovery. Goal number one is to reduce the risk profile of the business.
3 Simple Steps To Organize Your Critical Online Home Based Business Directory
If You are running an Online Work at home Business it is very critical that you create a well organized directory structure. The Obvious advantage of an organized Directory structure is it makes it easy to find what you need.
Backup Schmackup: Im Afraid, Very Afraid!
"Why should you be afraid?", I can hear you ask.I just got an email from my friend Miche who said,"My laptop is sick at the hospital.
5 Simple Tips to Prevent MS Access Database Corruption
It's important to understand that any time an Access client disconnects unexpectedly, it may set a "corruption flag" in the .mdb file indicating that the database is in a corrupt state (regardless of whether any data has actually been corrupted or not).
Do I Really Need To Backup?
Okay, computers a machine, right? Okay, maybe not yours. Youhave this special relationship, but that a subject foranother article.
3 Ways Computers Can Hurt Your Ministry - Part 1 - Ineffective Data Backups
Our computers have become almost indispensable ministry tools. What would you do if the worst happened and you had to function without your computers? Would your ministry survive?This article is the first in a 3-part series on how to protect your ministry from serious computer-related loss.
Hard Drive Crash? The Essential Data Recovery Report
Your worst nightmare just became a horrifying reality. You keep hearing that little voice in your head mockingly shout "you should have backed that stuff up" The voice keeps echoing throughout your head as you perform a quick inventory all of the important information that you just lost?.