Turnbull Consulting Inc.

TCI Recovery Philosophy

Continuity Recovery Services

Project Management

IT Strategic Planning

Experience

 

 

 

    Home



        

Business Risk Assessment | Technology Vulnerability Assessment | Business Impact Analysis
Technology Recovery Audit | Department Vulnerability Assessment | Business Continuity Plan
Environment Assessment | Disaster Recovery Plan | e-Business Recovery Plan
Network Recovery Plan

    4.   Environment Assessment

The EA is an evaluation of the current technology infrastructure. Reviews are completed for the current backup procedures, off-site storage facilities, and security for the general office and data center. Reviews are completed for systems management, computer operations, networks, and all mainframe, mid-range and server-based computing environments. From these reviews, recommendations are made on improvements that will assist in facilitating a smooth recovery in the event of a disaster. Particular emphasis is placed on backup and recovery procedures and the off-site storage of the backups. The reason many disaster recoveries are negatively impacted is the lack of availability of up-to-date backup data. When backups are not completed fully, or the media is not moved off site, then recovery can be almost impossible. The EA allows for this evaluation, and the recommendations resulting from the EA assist in defining critical technology recovery requirements, which will be included in the Disaster Recovery Plan.

    5.   Disaster Recovery Plan

The Disaster Recovery Plan could be called the Technology Recovery Plan as it is used to build all the procedures and tasks necessary to recovery the technology infrastructure should a disaster occur.

The DRP establishes all the teams required to complete a recovery. Along with team identification, the tasks that need to be completed by the teams before, during and after a disaster are listed. This allows teams an opportunity to train and assess how long it will take to complete certain tasks.

A complete summary of all backup and recovery procedures is included in the DRP manual. This allows those performing DRP tasks to understand what was intended with the backups and the completeness of the backups at any given point in time. Inventory lists associated with off-site storage are also included and provide information for backup recovery and ultimately synchronization of data at the conclusion of the disaster recovery.

Because teams are so critical to the recovery process a section is included which outlines training requirements for executives, team leaders, and team members. This section also includes information being passed on to all staff and interested external parties.

The most important section of the DRP manual is the team implementation section. This documents all steps that should be taken from the time of disaster notification through establishing operations at an alternative or hot site environment.

The tasks and teams included in this section require quarterly reviews by team leaders and team members to insure all technology or business changes be accounted for in the recovery tasks.

Several hundred hours will go into the preparation of a DRP; however, the work will provide little value to the company over the long term if the plan is not tested. DRP testing suggestions are made; however, each test, recommended to be annually, will require that this section be updated to meet the current testing requirements.

Additional information in the DRP manual includes returning to the normal computing environment, DRP manual maintenance, team member contact information, vendor information, recovery procedures, etc. Additional unique information will be included in the manual as it is determined to be of value when building the DRP manual for each individual client of Turnbull Consulting, Inc.

    • e-Business Recovery Plan

Everywhere you look e-commerce, e-business, business-to-business transactions, and Internet-based businesses are challenging traditional brick and mortar businesses. The Internet and e-commerce dominate many discussions in companies who are already on the Internet or are planning to get on the Internet.

What is not being discussed is the need for an e-Business Recovery Plan (e-BRP). Unlike traditional Disaster Recovery Planning (DRP) e-BRP must be discussed during the initiation of the e-commerce project for your company.

There are numerous issues that you must consider from the initial design of security features to the infrastructure of the technology that will support your e-business applications.

Development, testing, modifications, risk management, and backups will all take on a greater degree of criticality in this new e-business environment.

Most critical will be your company's ability to recover from any failure that could occur regardless of cause. Cases of failures could include system malfunctions, network interruptions or failures, hacker attacks, denial of service problems or problems that have yet to occur on the Internet.

To establish an e-business recovery plan the following steps should be followed:

        1. e-Business system design - evaluation of security, backup and recovery plans.
        2. Business Impact Analysis (BIA) - Understanding the impact of a failure will have to determine the correct e-business recovery actions to be taken.
        3. Environment Analysis (EA) - Reviewing current practices and procedures in place to develop, maintain and backup the existing e-business applications.
        4. e-Business Recovery Plan (e-BRP) - Building the e-BRP to meet the recovery requirements established during the BIA.

§         Network Recovery Plan

The ability to support e-commerce, e-business, business-to-business transactions, and Internet-based businesses are challenging even the most sophisticated IT infrastructures.

The Internet or dot.com and e-commerce environments play an ever-increasing role in our business environments. For this reason the need to be able to recover the telecommunication network is even more important than ever. In fact, network downtime may no longer be acceptable when support some highly critical applications.

For this reason it may be necessary to split out a separate recovery plan specifically for the Network under the entire technology infrastructure recovery planning process.

The NRP may be the most critical recovery process you will have to go through in the event of a disaster to insure all internal and external customers, suppliers, and any other stakeholders are able to gain access to the newly recreated network infrastructure.

 

P.O. Box 475, Wallace, NC 28466-0475  Phone: 910-285-8606  
Fax: 910-285-8471  e-mail: mark@turnbullconsulting.com