Cost of business interruption

Cost of business interruption

Cost of business interruption – Calculating the impact and cost to an enterprise of a disruption of service is difficult.  It is a necessary planning step that needs to be re-visited on  an annual basis. Some of the factors need to be considered:

  • How will your clients, customers, and users react a disruption? Will they react in a way that will be more or less disruptive to the business and its operation?
  • Will the disruption have an impact on other activities? For example your sales force may still be able to make sales call but the distribution arm of the company may be at a standstill.
  • How will the event impact the overall reputation of the enterprise?  Will there be an adverse media or social networking publicity?
  • Once the event is over how quickly will you company be able to catch up and get back to business as normal?
  • During the outage and how much revenue will your company lose?
  • Will there be any contractual or legal penalties that will be imposed and how extensive will they be?
  • If the event impacts items that will need to be repaired or replaced, will the repair parts, maintenance staff, and replacement equipment be available?  At what cost?
  • If you activate other services, overtime, or incur other expenses what will the cost of that be?

To address those issues we have found that a speadsheet like the one below will help to summarize the information that you will collect and present.

Order DRP BCP Download Selected Pages

Unemployment rate grim for 13 states

Unemployment rate grim for 13 states

Unemployment rate is grim for 13 states.  Both Nevada and California have had the highest unemployment rates for over 24 months.  The numbers have improved in almost all of the states in the past 12 months save West Virginia.

When one looks at the detail, yes we seem to be better off now than a year ago but with the participation rate being the lowest it has been since 1977 the job market picture is not as rosey as the BLS is telling us.

https://www.e-janco.com/Career/EmploymentData.html
Unemployment Picture August 2014 vs August 2015 States with Unemployment of 6% or greater

Granted that both Nevada and California look better it is not clear that the picture is improving.  Looking deeper into the number both states have a participation rate that is lower than the average and average compensation is significantly lower as high prices jobs have left both states,

On the bright side there now are 10 states that have an employment rate that meet the criteria for  being full employment states.

States that qualify as being full employment states

Order Salary Survey     Download Selected Pages

Lack of BYOD policy at State Department causes havoc in presidential campaign

Lack of BYOD policy at State Department causes havoc in presidential campaign

Lack of BYOD PolicyLack of BYOD policy and enforcement at the State Department have caused havoc in the presidential campaign. The secretary of state used her own personal Blackberry which was not secure. In addition it is not clear which versions of software were on her device and wither it was backed-up in accordance to mandated federal requirements for sensitive, confidential, and top secret information.

Bring Your Own Device Policy updated to to meet Disaster Recovery, Business Continuity and Corporate Intellectual Property Requirements

Download Selected Pages

With the advent of Bring-Your-Own-Device – BYOD and the ever increasing mandated requirements for record retention and security, CIOs are challenged to manage in a complex and changing environment.

IT Infrastructure Policies and Procedures

One of the best ways to communicate and understand a company and its operating culture is through its policies. Designing and writing policy and communicating it effectively is an essential skill for professionals to have. By having policy carefully developed and communicated, employees will clearly know what the organization expects from them, the degree of control and independence they will have, and what the benefits and consequences are in regard to adhering to policy.

Order Infrastructure PoliciesDownload Selected Pages

Cloud Disaster Plan lacking

Cloud Disaster Plan lacking

Cloud Disaster Plan lacking and is not enough to protect your data.  Google with all of its resources had data destroyed and lost due to 4 lighting strikes at one of it data centers.

Cloud Disaster Plan lacking
Cloud Disaster Plan lacking

While four successive strikes is rare, lightning does not need to repeatedly strike a building in exactly the same spot to cause additional damage.

A project manager for the lightning protection service of one major company, said lightning could strike power or telecommunications cables connected to a building at a distance and still cause disruptions.  The cabling  outside of a data center can be struck up to a mile away, bring the power surge back to the data center and cause extensive damage.

In an online statement, Google said, “… data on just 0.000001% of disk space was permanently affected.” Some people have permanently lost access to their files as a result of this event.

Disaster Recovery Security Cloud DRP Security Incident Communication Policy Security Audit Program
 Order Disaster Plan Template Disaster Plan Sample

Digital Disruption is a critical concern of executive management

Digital Disruption is a critical concern of executive management

Digital Disruption – The digital narrative is continuing to gain prominence in Boardrooms and there is a need to understand the impact of digital disruption.

Digital data now can and does disrupt the business model and changing business outcomes in most companies.

It has been predicted by industry experts that 70% of IT will be absorbed into business in the future. Talent is paramount for success in the digital world. The role of CIO is changing to become the strategy officer, chief technologist of the company, and preparing the company for infusion of technology in their products, processes and every sphere of business world.

Digital Disruption Life Cycle

Order DRP BCPSample DRP BCPDRP Customers

Digital data is accelerating advanced security initiatives for enterprises: The world of digital is ubiquitous and highly connected. The connectivity is increasing at an exponential pace. It is estimated that wearables will be 30 billion devices by 2020.

Security is a risk and also an opportunity to increase the pace of innovation. Focus on security brings peace of mind. With recent incidents in large enterprises, organizations have stepped up their pace of investing in security initiatives. Innovation is paramount and instead of playing a catch up game, it is time for enterprises to move ahead of the curve.

Employment picture is mixed

Employment picture is mixed in latest BLS data

Employment picture is mixed – The latest BLS data shows that there are 16 states that have unemployment rates that are over 6%.  In addition there are 11 other states were the unemployment rates have gone up in  the last 3 months.

Salary Survey Job Descriptions IT Job Families IT Hiring Kit Interview Guide

Order Salary Survey    Free Salary Survey

Employment Picture for IT Job Market – On a monthly basis – typically on the first Friday of the month – Janco publishes an analysis of the IT Job Market utilizing the BLS labor data and it proprietary data. See the latest press clipping go to Janco’s Press Clippings and eJobDescription.com.

Employment Picture
Historic State Unemployment Rate

Disaster Recovery Backup Solution

Disaster Recovery Backup

Disaster Recovery Backup and Backup Retention Policy Template

CIOs and IT Managers need to consider mandated compliance requirements

Disaster Recovery Backup Solution – Just added Best Practices for Backup, Cloud Backup and Mobile Device Backup. IT organizations of all sizes contend with a growing data footprint with more data to manage, protect, and preserve for longer periods of time. Online primary storage, has focus a on fast low latency, reliable access to data while near-line secondary storage has a focus on low cost and high capacity.

Disaster Recovery BackupQuestion that need to be answered are:

  • Is our data safe in transit and at rest?
  • What prevents hackers from gaining access to our data?
  • Is our data properly handled, stored, and deleted?
  • Who can access our data?
  • What are the benchmark measurements?
  • Is our data backup strategy compliant?
  • Will our recovery be successful?

 

 

10 Step Disaster Plan Testing

10 Step Disaster Plan Testing

10 step Disaster Plan Testing

10 step Disaster Plan Testing – Almost every organization has a disaster recovery and business continuity plan on the shelf.  The question that every CIO needs to have answered is will the plan work?

To that end we have defined and documented a testing process that will ensure that a DR/BC plan will work when it is needed after a disaster or business interruption occurs.

The 10 steps are:

  1. Identify people who will participate in the test
  2. Identify the enterprise operations that will be tested
  3. Train people before the test
  4. Establish test objectives
  5. Select test type
    1. A walk through
    2. A desktop
    3. A timed desktop
    4. Live or real time
  6. Document the test plan
  7. Manage pretest administration
  8. Conduct the test
  9. Do a post-test review of successes and failure – implement changes the test
  10. Schedule the next test

Each of these steps is discussed in detail in the Disaster Recovery Business Continuity Template.

 Order Disaster Plan TemplateDisaster Plan Sample

Disaster Recovery Business Continuity Plan Template

The Disaster Recovery Business Continuity template has been purchase by over 2,500 enterprise world wide in both the public and private sectors. To see the distribution of our customer base click here.

Disaster Recovery Security Cloud DRP Security Incident Communication Policy Security Audit Program
 Order Disaster Plan TemplateDisaster Plan SampleDR BC History

Top 10 Best Practices to meet IT governance and compliance requirements

Top 10 Best Practices to meet IT governance and compliance requirements

Top 10 best practices to meet governance and compliance requirements are a baseline tat “World Class” CIOs and enterprises all follow.

  1. Understand all existing and proposed regulation and compliance requirement.  This includes industry, state, local, federal and international regulations and mandates
  2. Have clear definition of duties (job descriptions) that meet all infrastructure, security and compliance requirements. These should be well documented and distributed throughout the enterprise.
  3. Continually assess the internal controls of IT that are in place. This requires interaction with both internal and external auditors.
  4. Establish a baseline of IT internal controls – include a definition of baseline policies and procedures that need to be in place in IT function.  Infrastructure policies and procedures must be constantly reviewed and updated.
  5.  Audit compliance to baseline of IT internal controls and governance requirements. All levels of management need to be involved.
  6.  Track access to all “protected” and confidential data. This has to be real time and responsive as the exposure the enterprise faces continues to increase over time.
  7.  Preserve audit data in secure long term storage.  After the fact reviews can not take place unless this occurs.
  8.  Establish and enforce separation of duties and management accountability are key.
  9.  Implement metrics that support the alignment of IT with enterprise requirements. To measure is to modify behavior.  The right metrics need to be in place.
  10.  Implement a function which focuses on implications of new technology on infrastructure and governance of IT.

One of the best ways to communicate and understand a company and its operating culture is through its policies. Designing and writing policy and communicating it effectively is an essential skill for professionals to have. By having policy carefully developed and communicated, employees will clearly know what the organization expects from them, the degree of control and independence they will have, and what the benefits and consequences are in regard to adhering to policy.

  • CIO IT Infrastructure Policy Bundle (more info…) All of the policies below are included as individual MS Word files and a single PDF file. Electronic forms are all individual documents that are easily modifiable
    • Backup and Backup Retention Policy (more info…)
    • Blog and Personal Web Site Policy (more info…) Includes electronic Blog Compliance Agreement Form
    • BYOD Policy Template (more info…) Includes electronic BYOD Access and Use Agreement Form
    • Google Glass Policy Template (more info…) Includes electronic Google Glass Access and Use Agreement Form
    • Incident Communication Plan Policy (more info…) Updated to include social networks as a communication path
    • Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy (more info…) Includes 5 electronic forms to aid in the quick deployment of this policy
    • Mobile Device Access and Use Policy (more info…)
    • Patch Management Policy (more info…)
    • Outsourcing and Cloud Based File Sharing Policy (more info…)
    • Physical and Virtual Security Policy (more info…)
    • Record Management, Retention, and Destruction Policy (more info…)
    • Sensitive Information Policy (more info…) HIPAA Compliant and includes electronic Sensitive Information Policy Compliance Agreement Form
    • Service Level Agreement (SLA) Policy Template with Metrics (more info…)
    • Social Networking Policy (more info…) Includes electronic form
    • Telecommuting Policy (more info…) Includes 3 electronic forms to help to effectively manage work at home staff
    • Text Messaging Sensitive and Confidential Information (more Info…)
    • Travel and Off-Site Meeting Policy (more info…)
    • IT Infrastructure Electronic Forms (more info…)

IT Infrastructure PoliciesInfrastructure Policy Sample

IT job description bundles available in MS WORD format

IT job descriptions bundles are available in MS WORD format

IT job descriptions bundles have just been updated to meet the latest compliance and security requirements

IT Job DescriptionsIT job descriptions bundles have just been updated.  The bundles are:

  • C-Level IT Job Description Bundle \
    • Chief Information Officer(CIO), Chief Information Officer (CIO) – Small Enterprise, Chief Security Officer (CSO), Chief Compliance Officer (CCO), Chief Mobility Officer (CMO), Chief Technology Officer (CTO), and Chief Digital Officer (CDO)
  • Compliance Management Job Description Bundle
    • Chief Compliance Officer (CCO), Director Electronic Commerce, e-Commerce Specialist, Internet-Intranet Administrator, Manager BYOD Support, Manager Internet – Intranet Activities, Manager Internet Systems, Manager Point of Sale, Manager Record Administration, Manager Transaction Processing, Manager Video and Website Content, Manager Web Content, Manager Wireless Systems, BYOD support anaylst, On-Line Transaction Processing Analyst, PCI-DSS Administrator, PCI-DSS Coordinator, POS Coordinator, POS Hardware Coordinator, POS Senior Coordinator, Record Management Coordinator, System Administrators – UNIX – Windows Linix, Web Analyst, Web Site Designer, Webmaster, and Wireless Coordinator.
  • eCommerce, Wireless, and Internet Job Description Bundle
    • Director Electronic Commerce, e-Commerce Specialist, Internet-Intranet Administrator, Manager Internet – Intranet Activities, Manager Internet Systems, Manager Point of Sale, Manager Record Administration, Manager Transaction Processing, Manager Video and Website Content, Manager Web Content, Manager Wireless Systems, On-Line Transaction Processing Analyst, PCI-DSS Administrator, PCI-DSS Coordinator, POS Coordinator, POS Hardware Coordinator, POS Senior Coordinator, Record Management Coordinator, System Administrator – Linux, System Administrator – UNIX , System Administrator – Windows, Web Analyst, Web Site Designer, Webmaster, and Wireless Coordinator.
  • Enterprise Architecture and IT Executives Job Description Bundle
    • Vice President Strategy and Architecture, Chief Information Officer- CIO, Chief Information Officer – Small Enterprise – CIO, Chief Compliance Officer – CCO, Chief Mobility Officer(CMO), Chief Security Officer – CSO, Chief Technology Officer – CTO, Manager Change Control, Manager Competitive Intelligence, Manager Database, Manager Enterprise Architecture, Manager Sarbanes-Oxley Compliance, Manager Video and Website Content, Project Manager Enterprise Architecture, Capacity Planning Supervisor, Change Control Supervisor, Database Administrator, Enterprise Architect, PCI-DSS Coordinator, and Cloud Computing Architect
  • Enterprise Resource Planning (ERP) Job Description Bundle
    • Project Manager, Enterprise Resource Planning (ERP); Enterprise Resource Planning (ERP) – Architect; Enterprise Resource Planning (ERP) – Business Analyst; Enterprise Resource Planning (ERP) – Data Architect; Enterprise Resource Planning (ERP) – Decision Support Analyst; Enterprise Resource Planning (ERP) – Developer; Enterprise Resource Planning (ERP) – Functional Lead; Enterprise Resource Planning (ERP) – Infrastructure Administrator; Enterprise Resource Planning (ERP) – Master Data Analyst; Enterprise Resource Planning (ERP) – Process Owner; Enterprise Resource Planning (ERP) – Security Administrator; Enterprise Resource Planning (ERP) – Security Analyst; Enterprise Resource Planning (ERP) – Subject Matter Expert; Enterprise Resource Planning (ERP) – Team Lead; Enterprise Resource Planning (ERP) – Technical Lead; and Enterprise Resource Planning (ERP) – Trainer
  • Disaster Recovery and Business Continuity Job Description Bundle
    • Chief Information Officer; Chief Security Officer; Chief Compliance Officer; Chief Mobility Officer; VP Strategy and Architecture; Director Disaster Recovery and Business Continuity; Director e-Commerce; Director Media Communications; Manager Disaster Recovery; Manager Disaster Recovery and Business Continuity; Disaster Recovery Coordinator; Disaster Recovery – Special Projects Supervisor; Manager Database; Capacity Planning Supervisor; Manager Media Library Support; Manager Record Administration; Manager Site Management; and Pandemic Coordinator
  • IT Service Management – SOA Job Description Bundle
    • Director Sarbanes-Oxley Compliance; Manager Change Control; Manager Customer Service Center<; Manager Help Desk Support; Manager Metrics; Manager Quality Control; Manager Service Level Reporting; Manager User Support; Capacity Planning Supervisor; Change Control Analyst; Change Control Supervisor; Help Desk Analyst; Key Performance Indicatior Analyst; Metrics Measurement Analys; and Quality Measurement Analyst
  • Metrics, Service Level Agreement & Outsourcing Job Description Bundle
    • VP Administration; VP Strategy and Architecture; Director IT Management and Control; Manager Contracts and Pricing;Manager Controller; Manager Metrics; Manager Outsourcing; Manager Service Level Reporting; Manager Vendor Management; Key Performance Indicator Analyst; Metrics Measurement Analyst; Quality Measurement Analyst; System Administrator Linux; System Administrator Unix; and System Administrator Windows
  • Security Management Job Description Bundle
    • Chief Compliance Officer (CCO); Chief Security Officer (CSO); VP Strategy and Architecture; Director e-Commerce; Database Administrator; Data Security Administrator; Manager Data Security; Manager Facilities and Equipment; Manager Network and Computing Services; Manager Network Services; Manager Training and Documentation; Manager Voice and Data Communication; Manager Wireless Systems; Network Security Analyst; System Administrator – Linux; System Administrator – Unix; and System Administrator – Windows
  • Salary Survey Job Description Bundle
    • Executive – VP – Chief Information Officer (CIO), Chief Security Officer (CSO), VP – Administration, VP – Consulting Services, VP – Information Services, VP – Technical Services, Director – IT Planning, Director – Production/Data Center, and Director – Systems & Programming.
    • Middle Management: Manager Computer Operations, Manager Customer Service, Manager Data Communications, Manager Data Warehouse, Manager Database, Manager Internet Systems, Manager Network Services, Manager Office Automation Applications, Manager Operating Systems Production, Manager Production Services, Manager Production Support, Manager Quality Control, Manager Security and Workstations, Manager Systems and Programming, Manager Technical Services, Manager Training and Documentation, Manager Voice and Data Communications, Manager Voice/Wireless Communication, Project Manager Applications, Project Manager Distributed Systems, Project Manager Network Technical Services, Project Manager Systems, Capacity Planning Supervisor, Change Control Supervisor, Computer Operations Shift Manager Computer Operations Shift Supervisor, Hardware Installation Supervisor, Microcomputer Support Supervisor, Network Services Supervisor, Production Control Specialist, Production Services Supervisor, and Webmaster.
    • Staff: Change Control Analyst, Computer Operator, Data Center Facility, Administrator, Data Entry Clerk, Data Entry Supervisor, Data Security Administrator, Data Base Specialist, Disaster Recovery Coordinator, e-Commerce Specialist, Forms and Graphics Designer, Hardware Installation Coordinator, Internet Developer, IT Planning Analyst, LAN Application Support Analyst, Librarian, Network Control Analyst, Network Services Administrator, Network Specialist Senior, Network Technician, Object Programmer, Operations Analyst, Personal Computer Specialist, Production Control Analyst, Programmer/Analyst, Software Engineer, Systems Analyst, Systems Programmer, System Support Specialist, Technical Services Specialist, Technical Specialist, Voice/Wireless Communications Coordinator, and Web Analyst

For more information go to https://www.e-janco.com/jobdescriptions.html

10 best practices for Disaster Recovery and Business Continuity

10 best practices for Disaster Recovery and Business Continuity

Most CIOs and management executives all say they have disaster recovery and business continuity under control — Do they really?

Best Practices – Top 10 – Janco has found that successful organization typically follow or have implemented these 10 best practices

  1. Have management communicated that disaster recovery not as a tactical IT project but as a strategic IT asset.
  2. Create a disaster recovery and business continuity process that is integrated into the organization
  3. Allocate costs associated with the disaster recovery business continuity plan as part of the base overhead so that costs are distributed across the entire organization
  4. Treat disaster recovery and business continuity as “mission critical” for cost and staff allocations
  5. Establish metrics for the process and timing of recovery events
  6. Test the plans at least once every six months or whenever there is major enhancement to the enterprise’s computing or operational infrastructure
  7. Monitor how other enterprises and your competitors are faring after and event occurs
  8. Quarterly review you media communication protocol for who says what when to whom when an event occurs
  9. Pool your assets and personnel to provide resilience capabilities for interconnected systems or collaborative technologies such as payments or check processing.
  10. Test the back-ups (at least quarterly) so that what is taken is what is needed for recovery and that it meets your recovery performance metrics
Disaster Recovery Security Cloud DRP Security Incident Communication Policy
 Order Disaster Plan TemplateDisaster Plan Sample

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don’t have a disaster recovery plan or haven’t updated yours recently, now is the time to take this critical step to protect your business.

Plan Do Act

Security is a pipe-dream

Security is a pipe-dream,  few enterprises are fully protected from events that have occurred in the past several months.

Not many CIOs and CSOs feel they have 100% of their security risks covered. In a recent survey that was published in NetworkWorld:

  • 55% said that was the case
  • 40% said they hope the had all of their security bases covered
  • 6% said that they did

With only 6% saying they had all of their bases covered there is lot of room for security hackers and data breachers to attack the systems in place.

Now that we know that a security breach may occur, how sure are these same CIOs and CSOs that they will be able to react in time. The first step is detection that a hack or breach has occurred. In another survey by Janco Associates we found that in midsized and large enterprises:

  • 35% had a detection solution in place and they automatically quarantined the server(s)
  • 43% had a detection solution in place but had to “manually” quarantine the server(s)
  • 23% had to “manually” put the server(s) offline when they found out they had a problem

When you put these two sets of data together, you conclude that less than 2% of enterprises are protected adequately enough to prevent a major security hack or breach occurring.

Disaster Recovery / Business Continuity &
Security Template Bundle

ISO 27000, Sarbanes-Oxley, and HIPAA Compliant
PCI-DSS Compliant

Order DRP BCP SecuritySample DRP Security Manual

Experts Agree You Should Update Your Plan Annually

Security is a critical concern during the recovery process

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don’t have a disaster recovery plan or haven’t updated yours recently, now is the time to take this critical step to protect your business.

Cloud Technology Impacts Outsourcing

Cloud Technology Impacts Outsourcing

Cloud Technology

What makes cloud computing different from this “ordinary” system of computing is that the cloud functions as a collective computer that exists in the virtual world. The cloud uses resources and information from computers and servers, running these applications independently and making the specific hardware less important to how the applications work.

Janco Associates has just updated its CIO IT Infrastructure Policy Bundle. This is part of Janco’s continuing effort to create a set of standard ‘Best Practices’ procedures that CIOs can implement to meet the challenges they face as they adjust to the new ways that technology is being used. Included is a new policy “Outsourcing and Cloud Based File Sharing“.

The Outsourcing and Cloud Based File Sharing Policy defines everything that is needed for the data and/or application of a function, department, or area to be outsourced or file shared via the cloud.

The policy template is ready to use and is easily modified to meet the unique requirements of your company.

The policy comes as a Microsoft Word document that can be customized as needed.

The template has been updated to include an ISO audit program definition and electronic form. The policy template includes:

  • Outsourcing Management Standard
    • Service Level Agreement
    • Responsibility
    • Cloud Based File Sharing
  • Outsourcing Policy
    • Policy Statement
    • Goal
  • Approval Standard
    • Base Case
    • Responsibilities

Note: Look at the Practical Guide for Outsourcing over 110 page template for a more extensive process for outsourcing which includes a sample contract with a sample service level agreement

Order Outsourcing PolicySample Outsourcing Policy

Top 10 backup mistakes made by IT groups

Top 10 backup mistakes made by IT groups

The top 10 backup mistakes made by CIOs and IT groups have been identified by several groups.  This is the list as verified by Janco Associate, Inc. (www.e-janco.com). Janco has found that only when a backup is needed and then found that it is lacking or missing do many CIOs, IT Managers, and users appreciate the complexity  of the issue.

Top 10 Backup MistakesSample Policy

  1. Backing up only desktops and ignoring laptops, tablets, smartphone and other mobile devices
  2. Thinking that all that matters are mainframe or data center data bases
  3. Not understanding the differences in various deduplication solutions
  4. Not understanding what impact the backup processes have on users
  5. Not having a good grasp of the security implications due to disparate backup files
  6. Focusing only on what is needed today and ignoring future ramifications
  7. Not having a robust deployment solution defined
  8. Understanding the total cost of ownership for a solution or lack of a complete backup and security solution
  9. Ignoring BYOD implications and complications
  10. Not understanding he implications of the backup solution for disaster recovery and business continuity

 

Disaster Recovery Plan – need for physical copy defined

In a recent joint advisory for company’s disaster recovery plan issued by the US Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA) and the Commodity Futures Trading Commission’s (CFTC) Division of Swap Dealer and Intermediary Oversight it was recommended, among other things, that “firms should consider keeping their business continuity plans, contact lists and other necessary documents, procedures and manuals at the alternative site, ideally in paper form in the OKevent that electronic files cannot be accessed.”

“How important are paper-based business continuity plans?”

Disaster Recovery

With more than 100 responses received, the results show that 54.4 percent of respondents believe that paper based disaster recovery plans are essential; 26.6 percent say that they are ‘quite important’; and 19.0 percent say that they are ‘not important’.

There is some variation of opinion depending on the size of the respondent’s organization. 54.5 percent of business continuity professionals in large organizations see paper-based BCPs as essential; this drops to 46.2 percent in medium-sized organizations and 50 percent in small organizations. However, 71.4 percent of those in micro organizations say that paper-based BCPs are essential.

 Order Disaster Plan TemplateDisaster Plan Sample

How do you balance the disaster recovery plan risk and investment equation? Is the potential risk greater than the investment? Some facts:

  • 43% of companies experiencing disasters never reopen, and 29% close within two years.
  • 93% of businesses that lost their data center for 10 days went bankrupt within one year.
  • 40% of all companies that experience a major disaster will go out of business if they cannot gain access to their data within 24 hours.

CIOs and Business Continuity Managers should plan for all situations in which normal operations are disrupted and have practices and technologies in place that enable them to deal with potential disruption from hostile, external actions as well as internal system failures.

%d bloggers like this: