Innovation is the engine of growth for any organization, and today that typically involves an increased reliance on IT. Yet despite IT services becoming more critical for many organizations, there remains a reluctance among some to elevate the focus of their IT disaster recovery plans.
Obviously everyone would like their organization to be protected against risk and exposure. Who wouldn’t want to ensure that their operations are safe and secure from threats, and that their risk of downtime in the case of emergency is kept to an absolute minimum?
The problem is that most organizations face tight budgets and limited resources, and they tend to believe that they don’t have the capital or the human resources to undertake a cost-effective DR plan. Furthermore, many organizations underestimate the very real and pressing level of risk and exposure they face.
These constitute real barriers to the prioritization of DR planning within an organization. But they are barriers that can and should be overcome. Here’s how:
Key Stakeholders Need to Understand and Agree Upon Potential Risks
The commitment to a DR plan needs to come from the top, but not everyone in management has the time or ability to thoroughly assess risk. And even if every risk is identified, there might not be agreement on the likelihood of those potential events and the levels of exposure faced by the organization.
What’s needed is a clear and unbridled assessment of potential risks – from internet outages to power outages to weather damage to natural disasters – weighed against the cost to the business should they actually occur. These costs (depending on duration) can range from lost orders / customers and cancelled transactions / partner arrangements to regulatory compliance failure to brand damage.
The most cost-efficient way to gain this perspective is through a facilitated and periodic Risk and Threat Assessment (RTA), in which an independent expert confirms and identifies an organization’s risks, advises on their risk response, and then facilitates a discussion so that management and key stakeholders can come to a consensus on the ‘hows’ and ‘whys’ of a DR plan.
Take a Creative Approach to Afford Your DR Plan
For most businesses, capital is in short supply and is only released sparingly for mission-critical applications and infrastructure. Funding for IT is often tied up in headcount, licences and other, longer-term commitments. These circumstances call for cost-effective methods and tools that allow the organization to productively embed DR into its normal IT processes.
Fortunately, it’s not necessary to tie-up a lot of scarce investment capital in order to create and maintain a DR plan. What is required is a simple, creative, collaborative, and highly automated approach that can be maintained on a relatively low operating budget. Given the proper approach, a DR plan does not need to be maintained separately and independently. When integrated into regular IT activities, the DR plan can be well maintained without absorbing a lot of recurring expense.
Maintaining a DR Plan Doesn’t Need to Be an Extra Burden on IT Staff
The typical IT department is already stretched to the limit tending to the existing systems portfolio. Given this reality, building and maintaining a DR plan falls far down on their “to do” list.
But a DR plan cannot be created and maintained without the active participation of IT personnel. What is needed is a highly productive approach that simultaneously balances DR requirements with normal IT activities. Through careful planning, regular activities such as upgrading software or backing up systems can double up with DR activities. The goal is to harness the skills and knowledge of the IT staff, while at the same time running and maintaining DR without disruption to main line users, operations, maintenance and enhancement projects.
Once your organization fully understands the potential risks it faces, a little planning and creative thinking can go a long way towards being prepared to face those risks.
