|
|
|
An Introduction to Tape Backup
If you run a small business, chances are you're saving important files to a server. But what happens when disaster strikes? How are you ensuring that your files won't be lost? Many people fail to realize that the loss of files could cripple their...
Computer Data Recovery Options
Losing files on your computer can be a frightening experience if the files are of importance to you personally or professionally. Computer data recovery techniques include the most simple of operations, like simply retrieving an accidentally...
Data Recovery - You Can Get It Back!
Data Recovery - You Can Get It Back!
by Keith Thompson
Data recovery is a process whereby you can save data and
files you accidentally deleted, had eaten by malicious
software or viruses, hardware failures, corporate espionage
and many...
Disc and Data Recovery
Data Recovery is probably the last thing on anyone's mind when
they buy a computer. Most of us never think something will go
wrong until it's too late. Data recovery or Disc Recovery
services is something we hope we will never have the need...
Document Management Features for 2003
Document Management Features and Capabilities to make quick and easy access to information at your fingertips right from your PC or network!
Document Management Features for 2003 No name brands or ads are mentioned
I am excited to...
Flash USB drive: backup easily, conveniently and securely
Tired of switching CD/DVD discs while backing up? Flash USB drives to the
rescue!
If you already backup often, you are doing the most you can to
secure your files against accidental file deletion and recovery,
file damage and what...
Outsourcing: Multiplying IT Services
As global competition intensifies and heats ups, an increasingly
large number of firms have begun to compete and challenge big
computer business giants i.e. Electronic Data Systems (EDS) and
IBM with low cost products, sophisticated technology,...
Small Business Computer Security, the Basics
Anyone in business today realizes both the natural dependency on computers in the workplace, and also the potential dangers associated with storing important data on them. Today’s business owners are constantly being reminded that their...
SYI: Save your Identity
The warning signs can start innocently enough that you don't even recognize them as being warning signs of impending doom. Perhaps it's a letter from your credit card company about a credit application. It might be a call from your bank inquiring...
You Lost Your Data... Don't Panic!
Inability to access your data stored on the data storage device could be caused by many reasons, from those that are easy to fix to those which are completely impossible to fix. If the damage is irreversible then data loss will occur. The causes...
|
|
| |
|
|
|
|
|
|
Business Continuity Testing starts with the risks
All business continuity analysis should be risk based, and risk prioritised to deal with the important business risks first. This means that any risks to your business need to be identified, examined and dealt with.
There are 4 options for dealing with each risk:
1. Reduce the risk. Reducing the risk falls into 2 categories – reducing the likelihood of the problem occurring and reducing the impact of the problem if it does happen. A simple example is that by having a fire alarm you are reducing the likelihood of a fire spreading unseen and by installing a sprinkler system you are reducing the impact of fire.
Reducing the risk is often referred to as mitigation. For example, data backups are a form of mitigation. They reduce the impact if a problem occurs which affects the primary data source. Any mitigating actions require testing to provide assurance they work when required.
2. Transfer the risk. This is an interesting option which may be seen as a get-out, but which is a perfectly valid thing to do. By transferring a risk it becomes someone else’s problem and you therefore have the risk covered. We are not talking about blaming someone else, or even transferring the risk to someone else in the company.
For example, there could be a risk that office space will not be available in the case of a disaster in the main location. Therefore the risk can be transferred to a third party company which organises office space for disaster recovery and keeps offices available for companies who need such a recovery service.
3. Accept the risk. By accepting the risk of a potential problem you are at least aware of its existence and can plan for it happening. If it is a risk that would have no impact for an acceptable period of time it should still be noted but you may decide to take no action until it occurs.
Almost by definition, accepting a risk is also
reducing the impact of the risk as you are aware of the potential problem and can write it into your business continuity plan.
4. Ignore the risk. This option should never be selected. There is never a reason for ignoring a risk once it has been identified. A risk can be accepted (acknowledged) but must never be ignored.
Once the actions for each risk have been identified, then anything put in place to help cope with a risk needs testing. However, many companies either test nothing at all or try testing every facet of a business continuity plan. Both methods are doomed to failure. The answer is to adopt a risk based testing approach from two perspectives: the business continuity plan is fit for purpose and it will work when invoked.
A health check (testing the plan is fit for purpose) needs to be performed by someone other than the authors of the business continuity plan. Ideally it’s performed by an independent third party that specialises in testing business continuity plans, but it could be a disinterested party from another part of the company. Independence is essential here for an objective assessment.
Testing the plan will work when invoked, must be viewed in a business context and the elements of the plan prioritised so that the risks with the most business impact and likelihood are tested first. This approach and the techniques to perform business continuity testing in a cost effective manner are the subject of other articles.
About the author:
A Streeb is an experienced practitioner of business continuity testing at Acutest, an independent consultancy specialising in business continuity assurance and software testing services. For more information on this topic visit http://www.acutest.co.ukor send an email to enquires@acutest.co.uk
|
|
|
|
|
|