Business Continuity Planning is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions. These activities include many daily chores such as project management, system backups, change control, and help desk. Business continuity is not something implemented at the time of a disaster; Business Continuity refers to those activities performed daily to maintain service, consistency, and recoverability.
Disaster Recovery Planning (DRP) is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Disaster recovery is a subset of business continuity.
Business Continuity / Disaster Recovery Plans come in various forms, each reflecting the corporation’s particular set of circumstances. The following are some of the general step required to develop and implement a plan.
- Policy Statement (Goal of plan, reasons and resources)
- Business Impact Analysis (how does a shutdown impact the business financially and otherwise)
- Identify Preventive Steps (can disaster be avoided by taking prudent steps)
- Recovery Strategies (how and what you will need to recover)
- Plan Development (Write plan and implement plan elements)
- Plan buy-in and testing (very important so that everyone knows the plan and knows what to do)
- Maintenance (continuous changes to reflect current situation)