Business Continuity

Disaster recovery is a small subset of business continuity.

For example, if you don’t have a plan for where your employees will work, recovering all of your IT systems might not matter very much.

A few things to consider:

  • Do you have regulatory compliance standards to meet?  (FINRA, HIPAA, PCI)

  • Who are the key stakeholders & key personnel involved?

  • How will employees be notified (where to go/how to log into systems) if disaster strikes?

  • How will you maintain contact with customers while remaining in agreement with contracts?

Business continuity is often confused with disaster recovery but the two are not the same.

Business continuity is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions at all times.

These activities include many repetitive tasks such as project management, system backups, change control, and help desk.

Business continuity is not something implemented at the time of a disaster; but refers to those activities performed daily to maintain service, consistency, and recoverability.

Today, would you be confident that your business would pass a business continuity audit by your largest customer?

The foundation of business continuity are the standards, program development, and supporting policies; guidelines, and procedures needed to ensure a firm to continue without stoppage, irrespective of the adverse circumstances or events.

All system design, implementation, support, and maintenance must be based on this foundation in order to have any hope of achieving business continuity and disaster recovery.