What constitutes the need for an emergency response? A system failure can range from an inconvenience to a failed business. Length of down time and the amount of data loss will typically factor heavily in the business impact.
In planning for disaster, roles must be defined in conjunction
with the recovery procedures. Who will
be in charge, who will determine the impact, which person will be responsible
for status updates? Has the notification
chain been created and tested?
The Hot zone is
where the incident occurred. In an
online, virtual world this may not be your place of business. Disasters can occur to cloud or hosted
providers as well. Up time and available
time are two separate categories of availability. In cases of natural disaster does the
affected operation have a disaster recovery site geographically separated from
business operations and the point of failure or disaster? Have key personnel been identified and do
they have access to the alternate site?
The Warm zone is a
transitional area between Hot and Cold sites. This may be a physical area or virtual
area. It may be the same location in
cases where there is a system down, but no physical damage. In cases of natural disaster is often a safe
place near the disaster where status can be checked, yet far enough away to not
be in harm’s way.
The Cold zone is
either a neutral area or the remote area where responsible people can delegate recovery
tasks and notify users, customers, suppliers when necessary of status updates. This is where press releases can be
issued, personnel and resources coordinated and delegated.
Priorities varry depending
on the extent of the disaster. In
cases of physical or natural disasters first priorities should be to the health
and well being of personnel, then protection and recovery of resources. In cases consisting of physical or
operational equipment failures these steps are typically not necessary. The next priorities are to assess the
problem, determine its impact and to estimate recovery times for partial and
full recovery.
First thoughts. What is/was the hazard, disaster or affected resource? Have the responsible people been notified? What resources are at risk, what resources
are likely to become at risk? What is
being done to contain the risk? Who is coordinating
the emergency response? Are there others
that need to be notified?
Support functions. What resources can be notified to provide
support and recovery? Are emergency response personnel to be notified? How and which communications methods can be
used to notify employees, customers and suppliers? Who and how are facility and equipment repair
and remediation personnel notified? What
other resources can be contacted for immediate or future response?
Public relations. Does the disaster or incident require a
public relations media expertise to notify the affected parties and mitigate
the loss of reputation?
There are many aspects to any critical interruption in
service. There are many ways to
prepare. The point to first consider is
if your organization has acknowledged the possibility and has consulted with
others to create a recovery and continuity plan.
Businesses come in
all shapes and sizes as due risks.
1. What
are you doing now to prepare?
2. What
can you do now to prepare?
3. What
will you do to prepare?
We would like to hear your thoughts. Please
share your comments in this blog. We
would love to hear your feedback.
No comments:
Post a Comment