Business Continuity and Disaster Recovery - Risk Analysis and Control

In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.

A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.

Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.

Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.

Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.

The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

CameraTown.Com (press release)

Data Recovery Made Easy with Hetman Uneraser Emediawire (press release), WA - Dec 3, 2008 Hetman Software announces the release of Hetman Uneraser, a fully featured data recovery tool to undelete and recover lost and deleted files. ... Photo Recovery Made Easy: Now with RAW Support PR Web (press release) all 4 news articles

International Business Times

Step By Step Data Recovery with Undelete Wizard International Business Times, NY - Dec 3, 2008 Data recovery software by Wizard Recovery company makes it easy to anyone to recover lost and deleted files after a system crash. ...

Kernel Panic in Linux American Chronicle, CA - 9 hours ago Data recovery Linux in any of the case, either from the failed or the formatted hard drive requires a prominent way out. Data worth and any risk imply that ... Getting Hard Disk Recovery is Easy American Chronicle all 2 news articles

The weirdest computing disasters of 2008 ZDNet - 12 hours ago The top 10 data blunders of 2008, compiled by data recovery firm Kroll Ontrack, have seen people across the world falling victim to acts of great stupidity ...

VINCI PLC Reduces Data Recovery Time by Two Thirds With Riverbed MarketWatch - Nov 26, 2008 Following installation of the Steelhead appliances, data recovery time dropped from 72 to less than 24 hours, and the company has experienced an eight-fold ...

Data Lost? Data Recovery Can Cure American Chronicle, CA - Nov 27, 2008 Thus, to rule out these situations, data recovery is needed to be conceptualized. Perfect plan of how to recover the lost data will not let you regret in ... Perform Hard Drive Recovery or Stay Alive With Disaster American Chronicle all 2 news articles

Lenovo Introduces Protection and Data Recovery Services NetworkWorld.com, MA - Nov 14, 2008 Data Recovery Service is offers a new hard disk immediately, while attempting to rescue the data from the faulty/ crashed hard disk. ...

eNewsChannels

Journal Linux Data Recovery Fails on Mounted Root File Systems American Chronicle, CA - Nov 19, 2008 The full journal data recovery Linux can easily be performed on the un-mounted file system, but not on the root file system. The Reiser FSCK tool does not ... HTFS Recovery in SCO Open Server American Chronicle all 3 news articles

Helios Data Forensics President Chris Hallgren Attains EnCase ... MarketWatch - Nov 12, 2008 PHOENIX, AZ, Nov 12, 2008 (MARKET WIRE via COMTEX) -- Chris Hallgren, president of Helios Data Forensics, is one of Greater Phoenix's most highly trained ...

New Diskeeper 2009 Defrag: A New Standard In Performance and ... eCoustics.com (press release) - 4 hours ago Diskeeper Corporation further provides real-time data protection and real-time data recovery™ with Undelete® data recovery software (www.undelete.com).