Thinking About Business Continuity

Posted on 3 October 20243 October 2024

This week we’re looking at business continuity and what you should consider when thinking about when creating your disaster recovery and business continuity plans.

What do we mean by business continuity?

Business continuity is a plan for how to minimise the effects of any disruption to your business due to disasters. This could be anything from a fire or a flood to ransomware attack that takes your entire network. The plan could include evacuating premises, staff communications, contacting customers, securing stock and dealing with the press or media. The plan should also include an IT disaster recovery plan, which covers what happens to your essential systems.

What should we consider when creating a business continuity plan?

You need to think about:

What are your organisation’s key products and services?
What are the critical activities and resources required to deliver these?
What are the risks to these critical activities?
How will you maintain these critical activities in the event of an incident (loss of access to premises, loss of utilities etc)?

You will also need to analyse your business impact for each of the above. This is where you document what the business impact would be for the first 24 hours, 24 – 28 hours, up to a week and up to two weeks.

After you’ve done this, you will also need to think about what resources would be required to maintain your business’ activities. These are some of the questions you may consider asking yourself and your team:

Regarding Your People – What is the optimum number of staff you require to carry out your critical activities? What is the minimum staffing level with which you could provide some sort of service? What skills/level of expertise is required to undertake these activities?
Regarding Your Staff – What locations do your organisation’s critical activities operate from? What alternative premises do you have? What plant, machinery and other facilities are essential to carry out your critical activities?
Regarding Your Suppliers and Partners – Who are your priority suppliers/partners whom you depend on to undertake your critical activities? Do you tender key services out to another organisation, to whom and for what? Do you have any reciprocal arrangements with other organisations?
Regarding Business Information – What information is essential to carry out your critical activities? How is this information stored?
Regarding Your IT Technology – What IT is essential to carry out your critical activities? What systems and means of voice and data communication are required to carry out your critical activities?

What methods should be included in an IT Disaster Recovery Plan in particular?

Today’s businesses rely on IT to run. Everything we do relies on technology. Any outage in service has a great impact on the business and its customers. Similarly, we hold more and more data, so problems of lost and corrupted data affect us more.

The most important factor to have in place for a IT Disaster Recovery Plan are regular backups so you can recover your business data.

If you’re incredibly lucky and your friendly IT provider has a spare fileserver, you might be able to get a replacement in a day. More likely, you’ll need to source a fileserver, create a specification, order it, wait for delivery and then have it configured for your computer network.

Then you’ll need to restore your software, your data and your backups on to the server. (You do have verified backups, don’t you?) The time required to transfer 1TB of data from cloud storage back to your office (over an uninterrupted, faster-than-average, 50Mbs VPN or fibre broadband) is 48 hours. That’s two whole days, just to download your own data!

It is also worth noting that IT downtime can be caused by factors that are not disasters such as hardware failures, power outages, virus/malware, software problems etc. so an IT Disaster Recovery Plan is essential for businesses to have.

In conclusion

When considering disaster recovery planning, it is useful to think less about the disaster and more about what outage you can cope with, and therefore how to protect against it.

For more information, there is a government document available which talks you through creating a Business Continuity Plan, you can find it here >

Posted in NewsTagged backup, Business Continuity, Disaster Recovery

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.