Business Continuity and Disaster Recovery - Risk Analysis and Control

In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.

A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.

Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.

Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.

Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.

The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

More Resources

Unable to open RSS Feed $XMLfilename with error HTTP ERROR: 404, exiting

More Data Recovery Information:

Related Articles

Are The Words Business Continuity and Disaster Recovery Planning Rolling Off Your Lips?
It might be more fun to talk about those free online business cards that are saving the company money, or those nifty designer business checks that are helping to solidif your branding efforts at the next staff meeting, but what really should be rolling off your lips are the words "business continuity and disaster recovery planning". Nothing is more important to a company than having a comprehensive recoveery plan in place prior to when disaster strikes.
Data Recovery The Easy Way
If you aren't prepared in advance, you will most likely have to use a data recovery service or data recovery software solution to help get back as much as you can of what was lost. This can be a very good idea if there is no other way to recover your files, but it doesn't have to come to that in most cases.
Want To Beat The Odds? Disaster Recovery Planning is Essential
Statistics show two out of five businesses go out of business within five years of experiencing a major disaster.These statistics are staggering.
Backup -- But Where To?
We all know we have to backup regularly, but those backups files can get huge. Add that to your existing your files and your notebook computer hard drive seems to have shrunk overnight.
Data Recovery Processes
Six months ago my computer crashed. When I turned my computer on it would not load Windows XP and so I could not get into my two hard drive files.
Data Backup Solution: Why You Need a Backup Plan in Place - Part 2
In the first part of this article series, I talked about the three main threats to the data on your computer. I talked about the need for a data backup solution that protects your data properly.
Read This Now: Its Not If You Will Lose Your Data, Its When Will You Lose Your Data
With Adware, SpyWare, E-Mail Viruses, Java Script Viruses and Hardware failures It isn't a matter of If you will loose your Data it is a matter of When you will loose your Data! By spending a few extra minutes now using a Simple Back Up Strategy, you can save yourself big headaches later.You Should Always have a Full Backup of your Online Business Directory and all it's subdirectories for the Last 4 Weeks as well daily incremental backups for a month or More.
Business Continuity and Disaster Recovery - A Business Not a Technology Issue
Hackers, hurricanes, fires, flooding, power outages, denial of service attacks, application failures, employee error, sabotage and now terrorism are helping companies to focus on the necessity of a business continuity plan.Through the late 1990s as companies prepared for Y2K, many IT executives, risk managers, CFOs and corporate managers realized that recovering computing systems, networks and data was not enough.
The Seven Golden Rules Of Data Backups
Backups of company data are carried out for two main reasons. The first is to cater for those times when a document is inadvertently deleted or damaged and you wish to recover the original document; the second is as part of a disaster recovery plan in case something catastrophic happens to your computers (e.
Avoiding Hard Disk Data Recovery Services
As a home computer owner, one of the greatest threats to yourinformation and to your wallet, is hard disk failure. When yourdrive crashes, you will quicky realize how valuable theinformation you can no longer access is.
Learn How To Make Data Backup Over The Internet!
Why should you backup your data on the Internet?There are several reasons.* The backup is located at a secure place for away from your computer.
Hard Drive Crash? The Essential Data Recovery Report
Your worst nightmare just became a horrifying reality. You keep hearing that little voice in your head mockingly shout "you should have backed that stuff up" The voice keeps echoing throughout your head as you perform a quick inventory all of the important information that you just lost?.
Offsite Data Backup Not Just for Fortune 500 Companies Anymore
In today's high paced digital world there is a very high value placed on information. Not just the kind of information you read in the newspaper or your favorite trade journals, but the type of information that we generate on a day to day basis with our digital devices.
9 Things to Look for when Considering Data Backup Solutions
It's one thing to loose data and money because of hackers and thieves of various kinds; it's a different thing again when it's because you didn't back up your data properly or not at all. Value your data! Whether it's that critical business document, your thesis, your website or your home accounts and precious photo's.
Disaster Recovery- Managing the Risk
Helping your business survive in the event of an unforeseen disaster: Most business failures are not from bad business but from bad business practices.Most companies that fail are the ones that have not planned how their business will continue to function in the event of a disaster.
Online Data Backups for Newbies
How long have you been doing business online? Whether you are new or an old timer you need to understand the one important truth of the e-world. That being that the largest threat to business survival is data loss.
Business Continuity and Disaster Recovery - Risk Analysis and Control
In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats.
5 RAID Data Recovery Prevention Tips
If you have spent the time to increase your computer'sperformance by setting up a hardware RAID array, you owe it toyourself to invest a little extra time and effort in maintainingthe hard disks in your setup. Following these tips will helplimit the need for data disaster recovery in the future.
Data Recovery
Every person who uses a personal computer will eventually face the challenge of data recovery. Computer hardware and software can be temperamental from time to time.
Computer Data Backups: Test Now or Cry Later
If you're like most small business owners, your computer data backups are one of those things that you rarely pay attention to. Computer data backups are kind of like flossing your teeth and eating low-fat, high-fiber foods? everyone knows what they're supposed to do? but how many REALLY do these things religiously?!?Unfortunately when it comes to your computer data backups however, complacency can be very dangerous.