What is a disaster recovery plan?
A disaster recovery plan is a documented process or set procedures which are to be followed in order to recover and protect a business’ infrastructure in the event of a disaster. These plans are often documented in written form and help specify the procedures an organisation has to follow in the event of a disaster. They are made-up of consistent actions to be implemented before, during and after this particular disaster. The disaster is generally classed as natural, environmental or man-made. Many of the man-made disasters tend to be intentional. For example, many of the terrorist attacks we see on the news, whether physical activity or some form of cyber activity can be put into this category.
What should be considered when making one?
The key topic to start with is the identification of key assets and definition of the business impact of the loss of each asset. This is a critical step as you need to know specifically what you’re protecting and what its value to the business is, to define how it should be protected. This helps to identify the importance of each asset, so you can decide whether one is more important than the other or they are of equal value to the company.
Once you have defined the assets that you are taking action to protect, you need to determine how long you can go without access to this resource. This is essentially the recovery time for each asset. The recovery plan is going to be less expensive if your assets can be unavailable for 3-5 days following a disaster. Whereas, if you cannot afford to be without these assets for this amount of time and you need them sooner, then it will be progressively more expensive.
It should be a top priority to have a well-organised, accurate and up-to-date list of contacts for each function or role. This includes an emergency contact home and cell phone number, email address (remember, business email may not be accessible due to system failure). It’s a necessity to maintain a strong chain of communications in order for instructions to be distributed. It is important to be able to move quickly, and efficient communication is the key to this.
Is there now a requirement for disaster recovery plans to be implemented globally?
There is a pressing demand for disaster recovery plans to be implemented worldwide due to the recurring physical and cyber attacks across the globe. However, to implement the plan successfully, it means a strategy is needed. At Fresh01, we help to enforce the strategy best fit for your company and provide guidance for applying this across the firm.
How can you best disseminate the crucial information to large staff bodies?
The best way to disseminate the crucial information to large staff bodies is through an online interface. If this information was available to staff online, then it could be accessed anywhere in the world on a desktop or portable device. All employees are able to engage in the same learning resources in different locations all over the world, which reduces the initial cost of training due to no travel/accommodation costs. Generally, all companies in different sectors will have a disaster recovery plan in place. But, the available assets to help improve our knowledge continues to progress, essentially outdating many of the sources of information. The remote delivery of material via the internet allows instructors to keep materials up-to-date. Fresh01 are experts in creating premium interactive learning courses and can develop courses that are compatible with portable devices, such as mobiles and tablets.
What is the main concern of a disaster plan and how can you overcome them?
The main concern of a disaster recovery plan is that they are given to employees to read on a sheet of paper. This can be classed as a poor way of training for a potential disaster because they will not have had any interactive experience to help retain the knowledge. Employees are more engaged when involved in interactive learning, whereas, reading about a scenario on a piece of paper doesn’t create the same experience for them. Employee training is absolutely critical. So, when individuals are educated on their role in the event of a disaster, they will be more familiar with how to execute their tasks. Also, they will understand the roles around them and will be able to seek instruction from colleagues if it is required. If people are not trained and are unfamiliar with their responsibilities, the disaster will go very badly.
How can you best measure the success/failure of implementing a plan across a large organisation?
One way to measure the success/failure of implementing a plan across a large organisation would be to analyse the success and satisfaction rate of the training. This evaluation is carried out through surveys, feedback forms or questionnaires. The results give valuable information on the quality of the course, therefore identifying any adjustments that need to be made. This could include the quality of the materials and content.
Another way to measure this is to identify as to whether employees are applying their newly learned skills from the training course in their day-to-day tasks in the workplace. This involves observation, performance benchmarks, interviews with their immediate superiors.
How can you revise/devise a disaster recovery plan?
A disaster recovery plan is revised/devised by following the level of risk, which is essentially adjusting the plan in relation to the constant disasters occurring in the world. For example, disasters were previously identified as incidents caused by natural conditions. Whereas, there seem to be very few of these nowadays. So, every time disasters are reported, they seem to be terrorist related. Therefore, it means that the disaster recovery plans need to be crafted in regards to terrorist situations in order for it to be distributed throughout the company to all members of staff.
At Fresh01 we are experts in supporting clients to determine the appropriate training strategies for disaster recovery and security mitigating measures taken by large corporate organisations. We work with partners such as Prudential, JP Morgan, Smiths Group and Lockheed Martin. We provide advice and guidance for their physical and cyber-awareness strategies, deployed via exceptional interactive learning courses and the use of learning management software, employee performance measurements and metrics. Also, gamification techniques and video sequences which can either be filmed on location with senior directors or actors for the maximum emotional effect on learners.