Steps to Effective Business Continuity Planning

In today’s data-dependent world, many small and midsize businesses still have ineffective or nonexistent business continuity plans in place.

According to the 2007 Best’s Underwriting Guide by A.M. Best, only 6% of companies that suffer catastrophic data loss survive, while 43% never reopen and 51% close within two years of the disaster. It is imperative that SMBs recognize and plan for the potential risks that exist in today’s IT-focused climate. Below are five steps to consider when developing a business continuity plan:

Plan for a wide range of possible scenarios. Downtime—whether it is a result of a hurricane, fire, power outage, hardware failure, or human error—affects your IT infrastructure and ultimately your productivity and bottom line. When developing a disaster recovery strategy, your company should consider various possible disaster scenarios and plan accordingly.

Understand your time and data requirements. Determine how much time your company can afford to be down as well as how much data you can afford to lose. Armed with this knowledge, your company can balance recovery requirements and risk tolerance, and budget how much you are willing to spend on a disaster recovery strategy.

Look to keep your people, systems, and information connected. Your business continuity strategy must encompass information, systems, people, and processes, as well as the complex interdependencies among them. If your workforce cannot connect to systems and data, there is no business. As part of the planning process, also consider what the best strategy is for your company in managing critical systems and components—either internally, with a managed hosting provider, or a combination of both.

Investigate advanced technologies. Disaster recovery technologies have changed considerably in recent years, and solutions that were once only common in large enterprises, such as replication, vaulting, and virtualization, are now becoming more accessible to SMBs. With these new powerful yet affordable technologies, it has never been easier to achieve even greater precision in recovery time frames and data points.

Plan and test. Planning involves much more than just backing up your data. Many companies think they have an effective disaster recovery plan, but unless it is tested, it is only a plan on paper and not in reality. It is essential for your company to develop and test your plan so the first time it is executed is not during an emergency. Industry research firm Yankee Group recommends running a disaster recovery test every quarter to help ensure your protection mechanisms will actually protect you when you need them most.

When the unexpected occurs—from unplanned downtime to a major disaster—the details and unplanned variables are what always impede a fast recovery. It is important to test the way you recover, and recover the way you test. Practice and experience pays off in a time of crisis.

Jim Olson Vice-President of Inside Sales & Solutions Engineering SunGard Availability Services Wayne, Pa.

Before it's here, it's on the Bloomberg Terminal.