Experts in 
Software Development



Content Management 
When should you build, and when should you buy?
Disaster Recovery Planning

From the events of September 11, 2001, the sobering facts are that disaster recovery is a critical consideration for all companies.  It is a well documented fact that almost half of the companies that lose most of their important records, or critical personnel due to fire, or some other disaster fail to get off the ground again.

This is a quick summary of how to prepare for the worst.

1. Get management approval to prepare a plan, and action steps for Disaster Recovery.

2. Solicit input from all areas of the company.  In middle to large companies, this is best done by forming a committee with representatives from all areas, and/or including an outside specialist.  Find out what systems are critical, what roles fill by people are "irreplaceable",  what  contingency plans are already in place, and what the business impact of failures are on the various areas of the company.

3. In coming up with the report and action steps keep in mind the following items:

a. Alot of attention will focus on the IT areas, and financial systems.  All critical systems should have an automated way in which they are backed up to a secure location on a periodic basis.  Every time the automated backup occurs, an independent process should verify that it was done, and report to several administrative people that it was done.

b. Alot of knowledge resides in peoples heads.  Redundancy of critical data does little if you lose the people who are the only ones who know what to do with the data.  Your first priority is the safety of the people.  However, make sure that  processes are documented, and make sure that multiple people know how to recover and run critical processes.

c. Remember that electrical power, phone connectivity, Internet connectivity, physical location, are all vital to your organization.  Identify options to deal with the temporary loss of any of these basic systems.

d. Contact information for vendors, employees, and emergency agencies all need to be accessible assuming the worst case scenarios.  Any other pertinent and critical documentation should be accessible as well.

e. Do not count on a human response during a disaster.  It is not a viable option to have critical information in a set of files that someone will carry outside in the event of a fire.  The first priority is saving human lives.

4. Once approved, implement the action steps required to get the company prepared for disaster.

5. Test all the systems in the plan.  Do not wait for a disaster to occur before finding out that the backup programs were not functioning correctly.  The plan should contain the basic steps required to effect the recovery.

6. Review the plan every 6 months.  Your business is continually evolving, and as new systems are put into place, adequate recovery systems should be put into place as well.  A regular review cycle will assure this is happening.  The plan should be updated to reflect any new changes.

Some useful links for finding out more about Disaster Recovery:

Disaster Recovery Institute International (
Founded in 1988 to provide a base of common knowledge in contingency
planning. DRII also administers a certification program for qualified
business continuity/disaster recovery planners.

Contingency Planning & Management (
Periodical and a central resource for technology, products, services,
information, and management strategies that support business continuity
to safeguard the physical, informational, and communication assets of a
business; ensure the safety of employees and the public; and protect the
financial well-being of the company.

Disaster Recovery Journal's Homepage (
An entire journal dedicated to the field of disaster recovery and business continuity.
Over 50,000 subscribers. The DRJ also sponsors two annual conferences
that pull in over 2500 disaster recovery professionals from all over the
world, which makes their conferences the largest in the entire industry.
Federal Emergency Management Agency (
An independent agency of the federal government, reporting to the
President. Since its founding in 1979, FEMA's mission has been clear: to
reduce loss of life and property and protect our nation's critical
infrastructure from all types of hazards through a comprehensive, risk-
based, emergency management program of mitigation, preparedness,
response and recovery.

The MIT Business Continuity Plan

University of California Campus Business Continuity Planning


Copyright 2002  [Phase2 Software Corporation]. All rights reserved.
Revised: March 06, 2002 .