In the desire to drive home the importance of having a Business Continuity and Recovery Plan in place and using the terms together, people have begun to consider them the same thing, treating them as if they are interchangeable. That is simply not the case; Business Continuity and Recovery Plans are two different processes. While it is important to have both in place, if you hope to recover your business after a disaster, it is important to remember they serve different purposes and need to be treated differently when it comes to developing your plan.
Simply put, a Business Continuity Plan (BCP) focuses on your business developing a course of action for when disaster strikes. Your BCP should include the steps needed to ensure your products or services can be delivered in case of disaster or any critical event. The BCP is strategic; it’s only goal is to figure out the steps needed to keep your business running. This means a BCP must be personalized; there is no way a cookie cutter plan will provide you the insights needed to develop an effective plan for your business needs.
A Business Continuity Plan is the 30,000-foot view of determining who, what, where and how your business will be able to remain operational in case of disaster. It is the ‘bureaucracy’ which keeps the engine running, determining and delegating what each department and person is responsible for when disaster strikes.
- Devise a disaster recovery plan
- Clearly define organizational responsibilities (who, when, why, how).
- Determine the Business Impact Analysis (BIA) process.
- Decide which services are critical to the operation of the business.
In contrast, a Disaster Recovery Plan (DRP) can be considered as the ‘boots on the ground,’ implementing the goals of the BCP. In other words, the DRP enacts the plan developed by the BCP team: Business Continuity Plan is the strategy, while your Disaster Recovery Plan is the solution. A properly enacted recovery plan goal is to ensure that your business becomes as operational as soon as possible. Some things a DRP is responsible for are:
- Ensuring the infrastructure is operational (this may require alternate locations)
- Recovery of lost data via backup retrieval
- Testing, revising and ensuring DRP is reasonable, doable and actually works when you need it.
- Ensure connectivity (phones, internet and more)
- Hardware and software is operational
When we treat BCP and DPR as interchangeable, we risk neglecting issues that may be critical to providing services to our clients, after we have suffered a disaster. Here’s an example:
Your Managed IT provider has gotten your systems back online, your data is retrieved, and all systems are good to go. Only, because no one reached out to your customers, they don’t know you’re up and running and are looking for other business to solve their issues. A Business Continuity Plan would’ve delegated client communication to a team member, who would have contacted your clients and managed their expectations.
Another way to think about this is that the DRP should be part of the BCP and not treated as a separate entity. The Business Continuity Plan must cover aspects of keeping your business up and running: including the recovery plan.
Anything from the most benign situation to a natural disaster can interrupt the continuity of an organization’s operations. For this distinct purpose, many organizations have put a business continuity plan in place to circumvent many of the issues that result from operational interruptions. Our consultants can provide the knowledge base, technical experience, and solutions necessary to put a thorough continuity or return-to-operations plan in place.