Business Continuity Planning

AuthorBruce Walters

Page 52

Organizations are faced with a variety of threats and vulnerabilities, and these continue to evolve. Business disruptions can include natural disasters such as floods, fires, hurricanes, and power outages. Since 9/11, the threat of man-made disasters such as terrorist attacks has taken on a sense of urgency as well. The increasing density of our population further exacerbates the threats posed by both natural and manmade disasters. Although business continuity planning and disaster recovery planning are now generally recognized as vital, creating and maintaining a sound plan is quite complex.

Business continuity planning addresses the prospect that a disaster might interrupt an organization's business operations. Whether an organization is for-profit, non-profit, or governmental, the need to mitigate disaster risks has become especially salient. Firms should evaluate their degree of exposure to disaster, both externally (e.g., floods, fires, hurricanes) and internally (e.g., HVAC failure, sabotage).

A business impact analysis helps management to understand the criticality of different business functions, recovery time required, and the need for various resources. The question of which corporate functions receive top priority should be addressed. In selecting a strategy to protect the organization, cost-benefit comparisons are made with regard to the effects of doing without various services and functions (e.g., call centers, production locations, proprietary data) at specific points in time, and developing plans for optimum recovery periods for each service and function.

Thus, a business continuity plan includes the procedures and information about resources to help an organization recover from a disruption in its business operations. In the financial markets, major industry players have responded to the 9/11 terrorist attacks by attempting to deal with future risks, especially risks regarding trading operations. But because most networks rely on the open Internet, viruses or other service attacks remain potential threats.

A central office failure brought about by a fire or power outage can also affect trading operations.

Page 53

Redundancy (including back-up sites and additional staff and technologies) is recommended, albeit expensive. An additional risk is that an entire network (such as AT&T) might go down. Jay Pultz, research vice-president at disaster and business continuity consultancy firm Gartner, Inc., is concerned that failures will increase because the companies that provide the networks are collapsing their infrastructure to a single backbone, as opposed to separate backbones for the Internet, phone, data, etc.

Business continuity and disaster recovery planning can demand a great deal of resources. For...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT