COVER STORY: DISASTER RECOVERYIan Stobie of Business Computer World talked to Peter Barnes to get an impression of how disaster recovery is currently being tackled by Survive!'s membership.
Q Since a lot of the ideas involved in disaster planning seem to be common sense, why is there any problem at all?
A The problem lies right up front, in getting the commitment to invest time and resources in doing any continuity planning in the first place. The actual process is not difficult, though it can be very time consuming. Most of it is common sense. The biggest problem is the 'It won't ever happen to us' attitude. People get caught out because when the worst happens they are ill prepared.
Q How do UK organisations compare with their overseas counterparts? Are they any better prepared?
A We are certainly better off than mainland Europe. In terms of the US I think some of the techniques we are using are considerably more sophisticated, but at the same time the Americans accepted continuity planning into common business practice at a much earlier stage than we did. There are some pluses and minuses to that - in some instances the task has now been delegated so low in the organisation that it is no longer effective.
Q Just how senior should the people involved be?
A It varies. You certainly need a sponsor at the very highest level to get the commitment behind you to fund the necessary investment, and build the necessary awareness throughout the organisation. But in practical terms the level at which the work is actually done tends to vary. In some organisations it's seen as being a director-level responsibility, and in others it's a senior manager's.
The danger is when you delegate responsibility too far down the line, as they have sometimes done in the States. That can undermine the credibility of the function. It can become almost too routine.
Q What's the first step in making a disaster recovery plan?
A The first step is to look at what sort of risks you are exposed to. The second step is to say, that's all very well, but what's the real business impact if any of those risks are realised? It may be that there is a very serious risk of a power cut, but a power cut may not affect you too badly. Whereas there may be a much lower risk of a 747 landing on the roof, but if it did it would put you out of business.
So you must first consider all the risks in those terms, then you can start to analyse where you put your investment and where you put your major effort into making contingency plans.
Q How important is it to rehearse the most likely and costly disaster scenarios?
A It is an essential part of the method of proper contingency planning. Unless you have actually tested your contingency plans how do you know they will work? You don't want to have to test them under real crisis conditions, you want to find out if they work under a constructed scenario in advance.
Q How do IT disaster plans fit into contingency planning for other areas of the business?
A At the end of the day if you get a bomb on your doorstep or a building burns down it isn't just the data centre that stands to get disrupted, but lots of other things including your manufacturing process and your interface with the customer. We try to approach the whole issue from the perspective of enterprise-wide business continuity. The focus is on the business process - a lot of which is going to involve computers. The obvious starting point is the IT recovery plan, but in most major companies it now goes on to take in broader issues.
More about Survive!
The organisation runs a programme of conferences and training workshops, but much of the activity takes place in more informal meetings run under the aegis of various special interest groups (Sigs). The Sigs reflect the interests of members in particular business sectors or geographical regions - for example City financial institutions or public sector utilities. Survive! has several grades of individual and corporate membership - standard individual membership costs #65 per year.
Survive!'s 1997 Spring Conference takes place at the Olympia Conference Centre, London on the 29 April to 1 May 1997. The exhibition Infosecurity 97 takes place at Olympia at the same time.
Contact: Survive! 0181 874 6266 www.survive.com
This page created by Ian Stobie [email protected]
Last modified 11 Feb 97
Copyright VNU Business Publications 1997
If you've got a comment, why not post it to BCW Interactive?
Think your password manager is completely secure? Think again...
ARM plans 7nm 'Deimos' for 2019 and 5nm and 7nm 'Hercules' for 2020
AI, VR and working on the morning commute - it's all to come
Development could pave the way for the next generation of rechargeable batteries