business continuity planning, BCP, business continuity plan, continuity planning, business impact analysis, disaster recovery plan, disaster recovery, business continuity, continuity plan, recovery plan

BUSINESS CONTINUITY PLANNING:
ARE YOU
GETTING IT RIGHT?


Does Your Business Continuity Plan (or Disaster Recovery Plan) Really Match Your Requirements?

The need for good business continuity planning and a sound business continuity plan (BCP) is now almost universally accepted.

However, prior to creation of a business continuity plan (or disaster recovery plan) it is important to understand the actual continuity needs of the business or organization. This may sound common sense, but all too often plans are developed without due or proper consideration of actual needs.

The definition of continuity requirements should sensibly be driven by business impact analysis and risk assessment..... STOP RIGHT THERE! It is well worth thinking about this statement.

Surely, without understanding what the potential impacts of unavailability actually are for your organization, and without establishing how great the risks of these scenarios occurring actually are, you are hardly placed to create an appropriate business continuity plan or disaster recovery plan!

The bottom line is that business impact analysis and risk assessment are fundamental to adequate business continuity planning and disaster recovery planning.

business continuity planning, BCP, business continuity plan, continuity planning, recovery plans, business impact analysis, disaster recovery plan, disaster recovery, continuity plan

Business Impact Analysis

But what is business impact analysis? At a basic level it is a means of systematically assessing the potential impacts resulting from various (unavailability) events or incidents

Commonly, impacts resulting from other types of incident (such as breach of confidentiality or loss of data integrity) are simultaneously explored, but this need not be the case when only considering business continuity planning or disaster recovery. However, there are certainly advantages to undertaking a comprehensive and wider focused exercise.

The business impact analysis, or 'BIA', is intended to help you understand the degree of potential loss (and other undesirable effects) which could occur. This will cover not just direct financial loss, but many other issues, such as loss of customer confidence, reputational damage, regulatory effects, and so on.

Risk Assessment

Following on from this stage, the actual events which could create these impacts should be explored... the basis of risk analysis. This again is pure logic: in deciding how sophisticated (or expensive!) your business continuity plan and disaster recovery options should be, surely both the severity of the impact and the likelihood of the potential disaster are pertinent issues.

Risk assessment itself is a sophisticated science, embracing a number of elements - threats, vulnerabilities, controls, etc. There are, however, a number of methods and tools available to help!

business continuity planning, BCP, business continuity plan, continuity planning, business impact analysis, disaster recovery plan, disaster recovery, business continuity, continuity plan, recovery plan


HOW TO PERFORM THESE PRE-REQUISITE TASKS

COBRA is a knowledge based PC product designed to guide you through this preliminary but essential exercise. It will guide you through the business impact analysis and then carefully measure your risks, making specific recommendations where appropriate.

Specifically, it will:

The COBRA approach offers a number of distinct and essential advantages over traditional review tools. It is the ideal support tool for business continuity planning and disaster recovery planning, and is used by many major organizations worldwide.

PRODUCT MODIFICATION
Through an optional Module Manager component, the facility is also provided to tailor the system to unique individual requirements or company culture. The questions, reports, underlying profiles and recommendations can all be readily and easily changed using this system.

business continuity planning, BCP, business continuity plan, continuity planning, business impact analysis, disaster recovery plan, disaster recovery, business continuity, continuity plan, recovery plan


Further Information

For more information on the COBRA system, please do not hesitate to contact us.

You can also download a trial version of COBRA from our download area:

BCP File Download AreaBCP

The quality of your business continuity plan or disaster recovery plan could be critical to your organization. However, if you haven't based this upon a recognized business impact analysis or risk assessment method, how do you know if you have got it right.... and how do you justify its contents?


 

FINALLY.... BUILDING THE PLAN

Having established the method to make your plan effective, and having acquired the tools to ensure this, you may well require a template with which to build it. We recommend the Business Continuity Plan Generator for this task. It is simple to use (always recommended) yet extremely effective.


 


web Web Links web

Links to COBRA related information on the Web.


 


business continuity planning Copyright 2002 C & A Systems Security Ltd email
Business Continuity Plan News