Introduction and Overview

• Business continuity vs. disaster recovery
• Why a recovery plan is a crucial asset
• Sources of threat
• Codes of practice and legislative requirements

Measuring Risk and Avoiding Disaster

Assessing risk in the enterprise

• Choosing the assessment method
• The five-step risk process
• Matching the response to the threat

Identifying mission-critical continuity needs

• Evaluating which functions are critical
• Setting priorities based on time horizons
• Prioritising processes and applications

Implementing disaster avoidance

• Avoiding disasters by taking effective preventive actions
• Creating contingency plans for unavoidable threats

The four-step Business Impact Assessment (BIA)

• Identifying the threat
• Assessing the risk to the enterprise
• Identifying business-critical activities
• Specifying required IT support from technical staff

Designing Recovery Solutions

Establishing a disaster recovery site

• Site choices: configuration and acquisition
• Choosing suppliers: in-house vs. third-party
• Specifying equipment

Selecting backup and restore strategies

• Matching strategy to operational constraints
• Meeting the organisation's storage requirements for vital records

Restoring communications and recovering users

• Determining vital users with the BIA
• Rerouting voice, mail, goods delivery
• Eliminating network single points of failure
• Connecting end users
• Meeting varied user-recovery needs

Implementing a Project Management Approach

Managing and documenting the planning project

• Identifying stakeholders
• Analysing stakeholder needs
• Obtaining the funding commitments
• Defining clear goals at the start

Running the project

• Controlling the project via tracking
• Managing risks and issues
• Testing deliverables

Responding to Disaster

Creating the recovery plan

• Capturing the planning output
• Creating recovery-team charters
• Defining roles and responsibilities
• Responding to recovery scenarios
• Information directories and equipment inventories

Directing the disaster recovery teams

• Planning and conducting Crisis Communications
• Connecting with emergency services
• Team actions following a disaster

Assuring the Plan and Applying Document Management

Rehearsing the business continuity plan

• The reasons for testing the plan
• Considering the impact on the organisation's activities
• Using a step-by-step process to test the plan
• Developing test scenarios and using test results effectively

Maintaining the business continuity plan

• Applying change control: why and how
• Ensuring normal developments are accounted for in the plan
• Scheduling regular reviews
• Applying document management discipline to the plan