PURPOSE OF RECOVERY PLANNING

TERMS

There are many terms that you may encounter in the field of recovery planning. The most basic is ‘Disaster Recovery Planning’ which is usually used to refer only to the recovery of computer operations; ‘Business Recovery Planning’ is a superset of this in that it expands the area to include all other business processes in a company. Current thinking is that recovery is not enough; you also need to be prepared to carry on the functions of the business very quickly. This has spawned the term ‘Business Continuity Planning’ to mean planning for the continuation of the business. You may also see the terms Contingency Planning and Resumption Planning.


This document uses the term ‘Emergency Response Planning’ to address not only recovery and continuity planning but also the areas of emergency evacuations, continuing care of your employees and your customers and offering and receiving help from the community. The Plan is then known as the Emergency Response Plan.


INTRODUCTION TO RESPONSE PLANNING

This Emergency Response Plan (ERP) establishes an emergency management structure for any disaster or emergency, which requires extensive response activities. The plan is applicable to all kinds of incidents which can affect our business. These can be caused by natural disasters, or accidental or willful acts. These are explained later in this Plan.


The ERP should include information on emergency evacuation, preparedness, recovery planning and continuity planning.

Successful response planning assists in recovery and in ensuring continuity of core strategic business/service units, operations and processes. The planning should include material on the following:

Prevention:

addresses the positioning of those measures and activities that will lessen the possibility or the impact of an adverse incident occurring in your organization. The primary goals and objectives of the Prevention phase of a business continuity program are to protect the organization's assets and to manage risk. (Continuity Planning, Evacuation Planning)

Response:

is the reaction to an incident or emergency to assess the damage or impact and to ascertain the level of containment and control activity required. In addition to addressing matters of life safety, Response also addresses the policies, procedures and actions to be followed in the event of an emergency. (Recovery Planning)

Resumption:

refers to the process of planning for and/or implementing the resumption of only the most time-sensitive operations immediately following a disaster. (Recovery Planning)

Recovery:

is the process of planning for and/or implementing expanded operations to address less time-sensitive business operations immediately following an interruption or disaster. (Recovery Planning)

Restoration:

is the process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents, and for the restoration of normal operations at the primary site. (Recovery Planning)

All businesses depend heavily upon information and the ability to process and analyze this information. Information is used not only in Information Technology but also in business processes, such as accounting, and in machine processes, which are computer controlled. These businesses increasingly depend on computer-supported information processing and telecommunications. Technology and automated systems are often used to process and analyze information and their disruption for even a few days could cause severe financial loss and threaten the very survival of the business. This dependency will continue to grow with the trend toward decentralizing information technology to individual organizations within companies. The increasing dependency on computers and telecommunications for operational support poses the risk that a lengthy loss of these capabilities could seriously affect the overall performance and viability of the company.

An emergency is any incident that can cause significant injuries to employees, customers or the public; cause physical or environmental damage; cause technological damage; or that can shut down the business, disrupt operations, or threaten the corporation’s financial standing or public image.


This incident could be the result of a natural event, a human mistake or willful damage. The plan must respond to each of these.

An Emergency Response Plan is a __comprehensive__ statement of __consistent__ actions to be taken before, during and after a disaster.

The plan should be:

  • documented,
  • tested, and
  • maintained

to ensure the continuity of operations and the availability of critical resources in the event of a disaster.

Such a plan is designed to reduce the risk to an acceptable level by ensuring personnel safety, the restoration of critical functions within a short time frame, and all essential production within a longer, but permissible, time frame.

This plan must identify the critical functions and the resources required to support them. Guidelines are then provided for ensuring that needed personnel and resources are available for disaster preparation, assessment and response and that the proper steps will be carried out to permit the timely restoration of services.

The planning process in recovery planning attempts to identify all the possible adverse incidents and develop a series of specific actions to be taken before an incident occurs to facilitate the resumption of business activities following the incident.

An Emergency Response Plan gives our company a competitive advantage. With our Plan, we will remain in business and be able to provide our goods and service for our clients. Our marketing department will also be able to use the existence of our Plan to reassure clients that we will continue to be able to meet their needs.

Business Continuity Planning is incorporated into emergency response to address collective corporate actions on preventive measures, protection of assets, cross-functional coordination, testing, and public communications. Business Continuity Planning for emergency response identifies all the possible adverse incidents and develops a series of specific action plans to be taken before an incident occurs to facilitate the resumption of business activities following the incidents. These incident action plans serve as the foundation for initial response to any disaster or emergency and support existing business unit procedures.

The Emergency Response Plan identifies the roles and responsibilities of key operational areas of the company and supporting functions for the response and communications of emergency activities. This Plan does not address every conceivable hazard or emergency that could occur. The intent is to establish a corporate mentality that will help to identify unsafe and insecure situations in advance and which allows a temporary, flexible organizational structure to support (Company)’s field operations in responding to emergency situations of an extended duration and conveying information to appropriate parties as expeditiously as possible.

This Emergency Response Plan has been designed to incorporate, whenever possible, all existing company emergency plans and procedures. It is not the intent to replace the need for detailed department level procedures. Specific instructions for personnel responding to emergencies are contained in these department procedures. Each department is responsible for the periodic review and update of its procedures.

The purpose of emergency response planning is to ensure that the following four key elements are available, should a disaster occur:

A Place to Go

In the event of a disaster which disrupts normal business operation, the organization must be able to function at another location. This alternate site may be anywhere from an empty room which must be equipped to a fully operational facility.

People

The people required for recovery will include specific members of the organization plus outside agencies, including civil authorities and suppliers.

Records

The records containing the information necessary to restore the affected functions should include special business forms. Although many functions may not be performed during the first few hours or weeks following a disaster, organizations need to be prepared to restore them in the event of a long term stay at the alternate site.

A Plan to Follow

The plan includes the steps involved in getting the business back in operation as quickly as possible. It outlines who is going to do what and indicates the proper order of completion. It outlines who is responsible for what areas and explains what the priorities are. In addition, it includes guidelines for making critical decisions, a list of resources needed for recovery, and the names and addresses of suppliers and customers that may need to be contacted in the event of a disruption.

PURPOSE OF THE PLAN

The purpose of this Emergency Response Plan is to establish a streamlined and clearly defined emergency response procedure to assist the company’s normal operating forces responding to a severe emergency for an extended period of time. This plan will maximize the capacity to prepare for, respond to, and recover from all types of power system emergencies and disruptions.

The Emergency Response Plan:

  • Ensures an established organizational structure is in place to respond to any emergency requiring enhanced centralized support.
  • Ensures that regular communication channels between company Response Teams and customers, the media, government and regulatory agencies operate effectively in order to exchange accurate and timely information.
  • Establishes an Emergency Command Center, described in further detail later in this Plan, which is the facility designed to assist in the communication and coordination process.
  • Provides for personnel training, emergency drills, evaluations and critiques to continually refine procedures and improve participating personnel performance.

An Emergency Response Plan establishes a structure for coordinated response management. The plan will then:

  • minimize the extent of interruption;
  • define service alternatives for accomplishing critical applications;
  • ensure controlled emergency recovery;
  • regain total processing (computing and electrical service) capability;
  • provide trained personnel to handle emergency conditions and recovery operations; and,
  • define policies which will minimize the recovery time and cost.
  • ensure the life/safety of all (Company) employees throughout the emergency condition, disaster declaration, and recovery process.
  • reestablish the essential business related services provided by (Company) within their required recovery window as identified in the recovery portfolio in Section 2 at the declaration of disaster.
  • suspend all non-essential activities until normal and full business functions have been restored.
  • mitigate the impact to (Company) customers through the rapid implementation of effective recovery strategies as defined herein.
  • reduce confusion and misinformation by providing a clearly defined command and control structure.
  • consider relocation of personnel and facilities as a recovery strategy of last resort.

An added benefit is that the company will be, by the very nature of developing and maintaining this plan, less exposed to the likelihood of an incident.

The Emergency Response Plan:

  • ensures an established organizational structure is in place to respond to any emergency;
  • ensures that regular communication channels between Response Teams and customers, the media, governments, and regulatory agencies operate effectively in order to exchange accurate and timely information;
  • establishes an Emergency Command Center, described in further detail in this Plan, which is the facility designed to assist in the communication and coordination process; and,
  • provides for personnel training, emergency drills, evaluations and critiques to continually refine procedures and improve participating personnel performance.
  • establishes an organization structure that supports centralized oversight of emergency response activities;
  • establishes a concept of operations that provides an inter business unit coordination mechanism to facilitate emergency response activities;
  • incorporates the communication coordination mechanisms with customers, media, local government, regulatory agencies, and the federal government; and,
  • establishes incident action plans that each business unit will take in the overall corporate emergency response.

The Plan establishes an architecture for a systematic and coordinated corporate response.

This plan does not address every conceivable hazard or emergency that could occur. The intent is to establish the organization and procedures which will have sufficient flexibility to meet any emergency condition promptly and effectively. This plan does not replace or supplement procedures already in effect within a given department for the conduct of its normal operational responsibilities.


PLAN SCOPE

The plan applies to all business units, not only those tasked to provide response assistance in a disaster or emergency situation. All business units must bear some responsibility for continuity of their operations following an incident. Response actions include those actions and activities, which support business unit actions to restore electric service, protect public and employee safety, or restore business operations. No plan can address every possible conceivable disaster or emergency. The scope of this plan is to establish the corporate mentality, which will have sufficient flexibility to meet any disaster or emergency condition promptly and effectively.

Response Scope

A disaster or emergency may overwhelm the capabilities of one business unit. The plan establishes a centralized organization to organize business units responding to a disaster or emergency for an extended period of time. This provides for a coordinated corporate reaction which strengthens the response.

Resource Scope

Each business unit will provide resources using primary and support capabilities collaboratively to support the plan. If resources are taxed within one business unit, the ERP can assist in obtaining resources from other business units.

The plan identifies support that will be available if needed and specifies the steps necessary to get that support. Decisions which are made prior to a disaster will minimize confusion during the period following the disaster.

A plan establishes the personnel responsible for recovery and assures adequacy and proficiency of personnel and plans through regular training, testing and maintenance.

There is also a need for available money during a response period. The plan should detail how cash will be obtained for out-of-pocket expenses, how purchase orders and credit purchases needed in the response can be handled, and how employees will continue to be paid.

Incident Scope

This plan contains procedures for the company’s departments to respond to emergencies which are above operational levels. This includes such emergencies as loss of building power, fire, water damage and loss of network facilities to weather-related emergencies. This plan documents the tasks that will be required to minimize the effects and length of an emergency, and increase the response efforts.

Communications Coordination Scope

This ERP coordinates all communication activities to ensure coordinated, timely and accurate release of information to customers, media, and government agencies.

RECOVERY OBJECTIVES

The reason for having an Emergency Response plan is to minimize business interruption. The risk and size of the impact on company services is also minimized and subsequently, the cost implications of an interruption in these services to clients is minimized as well. The Emergency Response planning process involves the implementation of preventive measures to provide protection of assets, information, and personnel in conjunction with the development of a comprehensive Emergency Response plan designed to minimize business interruption.

Emergency Response Planning protects the organization in the event that all or part of its operations are rendered unusable. Being prepared is the key. The planning process should:

  • minimize the disruption of operations;
  • ensure organizational stability; and,
  • ensure an orderly recovery after a disaster occurs.

Other objectives include:

  • minimizing risk of lost production or services;
  • guaranteeing the reliability of standby systems;
  • providing a standard for testing the plan;
  • minimizing decision-making during a disaster; and
  • providing a sense of security.

This recovery plan and the associated documents provide a measure of security for the computerized records and other non-computer assets of (Company). The activities associated with the preparation of this plan include:

  • identification of the risks which may affect the critical functions;
  • identification of the likely impacts and costs inherent in those risks, should a disaster occur, and the likelihood of their occurrence;
  • after identification, determination of a reasonable level of expenditure on the Emergency Response planning process, and prevention and recovery;
  • determination of suitable prevention and protection processes, and the processes that facilitate the maintenance of the resulting plans; and
  • demonstration of the validity of the plans, by testing.

These objectives will be applied to ensure the plan addresses the following business areas:

  • risk management;
  • business impact analysis;
  • prevention and recovery strategies;
  • data center recovery planning;
  • business site recovery planning;
  • network (communications) recovery planning;
  • business function/unit recovery planning; and
  • enterprise-wide recovery planning.


BENEFITS OF A RECOVERY PLAN

The real benefits of a plan are minimizing potential loss by identifying, prioritizing and safeguarding those assets that need the most protection. The plan will save valuable time and money in the event of a disaster.

An established plan having a clearly-defined course of action will return your systems to production quickly. Without a plan, the lost motion, mistakes, guesswork, and other fumbling will make the recovery plan several times longer and often impossible.

When complete, your plan will define remote locations where backup files, software, documentation, etc. are stored. In addition, the plan will identify outside support that will be utilized if needed and specify the steps necessary to relocate to an alternative site if required. The identification of responsibilities is a very important aspect of the plan. Policy decisions which are made prior to a disaster will minimize confusion during the period following the disaster. The plan will encompass the variety of procedures ranging to the repair and replacement of the data processing equipment configuration.

A plan establishes the personnel responsible for recovery and assures adequacy and proficiency of personnel and plans through regular training, testing and maintenance.


EMERGENCY RESPONSE OBJECTIVES

The goal in managing any emergency is to reach a level of heightened operating efficiency as quickly as possible. This increased efficiency will achieve prompt restoration of customer service while protecting the safety and welfare of the staff and public. The Emergency Response Plan establishes overall emergency response priorities such as:

  • Protection of Public and Employee Safety
  • Damage/Emergency Assessment
  • Restoration of Services
  • Protection of Property
  • Customer Communication and Assistance
  • Government Communications


STRATEGY

In order to facilitate a recovery regardless of the type or duration of disaster, (Company) has implemented multiple recovery strategies. These strategies are categorized into three (3) levels. Each level is designed to provide an effective recovery solution equally matched to the duration of the emergency condition.

Short-Term Outage - Intra-Day

A short-term outage is defined as the period of time (Company) does not require computerized operations or production facilities, or where an outage window of the same day or less would not allow adequate time to restore / utilize automated recovery operations.

Medium-Term Outage - Next Day to Six Weeks

A medium-term outage is defined as the period of time that (Company) will execute its formal emergency response strategy, which includes actually declaring a disaster. A disaster may either be declared company-wide or only for the affected department or building. The decision to declare a disaster will be partly based on the amount of time / expense that is required to implement the formal recovery and the anticipated impact to (Company)'s business over this period of time.

Long-Term Outage - 6 Weeks or More

A long-term outage is defined as the period of time that (Company) will exceed the allowed occupancy time of its primary recovery strategy. During this phase of recovery (Company) will initiate a physical move of personnel and resources. The response strategy explained below pertains specifically to a disaster disabling the main computing facility. This functional area provides main computer and major server support to (Company) administrative applications. Especially at risk are the critical applications - those designated as Category I systems. Summarizing the provisions of the response plan, subsections below explain the context in which the Computer Center's Business Continuity Plan operates.

This section addresses three phases of emergency response:

  • Emergency
  • Backup
  • Recovery

Strategies for accomplishing each of these phases are described below.

Emergency Phase

The emergency phase begins with the initial response to a disaster. During this phase, the existing emergency plans and procedures of (Company) Protective Services direct efforts to protect life and property which is the primary goal of initial response. Security over the area is established as local support services such as the Police and Fire Departments are enlisted through existing mechanisms. The Response Management Team is alerted and begins to monitor the situation. If the emergency situation appears to affect the main data center (or other critical facility or service), either through damage to data processing or support facilities, or if access to the facility is prohibited, the Response Management Team will closely monitor the event. Once access to the facility is permitted, an assessment of the damage is made to determine the estimated length of the outage. If access to the facility is precluded, then the estimate includes the time until the effect of the disaster on the facility can be evaluated.

If the estimated outage is less than 48 hours, recovery will be initiated under normal Information Systems operational recovery procedures. If the outage is estimated to be longer than 48 hours, the recovery process moves into the back-up phase.

The Response Management Team remains active until recovery is complete to ensure that the Center will be ready in the event the situation changes.

Back-up Phase

The back-up phase begins with the initiation of the appropriate Team Plan(s) for outages enduring longer than 48 hours. In the initial stage of the back-up phase, the goal is to resume processing critical applications. Processing will resume either at the main data center or at the designated hot site, depending on the results of the assessment of damage to equipment and the physical structure of the building.

In the back-up phase, the initial hot site must support critical Category I applications for up to 10 weeks and as many Category II applications as resources and time permit. During this period, processing of these systems resumes, possibly in a degraded mode, up to the capacity of the hot site. Within this period, the main data center will be returned to full operational status if possible.

Recovery Phase

The time required for recovery of the functional area and the eventual restoration of normal processing depends on the damage caused by the disaster. The time frame for recovery can vary from several days to several months. In either case, the recovery process begins immediately after the disaster and takes place in parallel with back-up operations at the designated hot site. The primary goal is to restore normal operations as soon as possible.


MANAGEMENT INPUT AND COMMITMENT

Continued operations depend on:

  • management's awareness of potential disasters;
  • their resolve and ability to develop a plan to minimize disruptions of critical functions; and,
  • their capability to recover operations expediently and successfully.

Management recognizes that the probability of severe damage to facilities, data processing, telecommunications or support services capabilities that support the company may be low. However, it is important to recognize that the cost of a major incident can be huge. Because of the potential impact, a plan for reducing the risk of damage from a disaster is vital.

CONCEPT OF OPERATIONS

Emergency Response Organization

When an emergency occurs that requires more than a normal operational response, some business units have developed procedures that direct correct response tasks. Each business unit should have response tasks that follow incident procedures. When business units recognize that an event requires increased centralized support, or help from some other team in the company or that media attention has intensified, part or all of this Plan can be invoked to provide an increased level of coordination and communication.

The magnitude of an emergency situation determines the level of response which may be required in order to resolve the problem. It is the intent of this Emergency Response Plan to streamline the response and preparation processes. This streamlining will enhance the company’s effectiveness in responding to emergencies.

Normal Operations

(Company) should always be prepared to respond to emergency situations, and monitor remedial actions taken in order to resolve problems. Regular communication channels are established to handle emergencies. During normal operations, business units direct all decisions according to company policy.

Emergency Operations

Activation of all or part of the Emergency Response Plan will streamline the normal lines of communication and coordination by providing direct access to key decision makers. Response actions in an emergency situation will be under the direction of the Response Management Team.

The Plan will improve the ability of (Company) to act more effectively in resolving emergencies.

Response Teams

Responding to emergencies and providing communications to employees, customers, government agencies and the media is a routine function of emergency operations. In the Emergency Response Plan, the groups that do this are designated "Response Teams".

Support Teams

Upon activation of the Emergency Response Plan, additional Company personnel will be mobilized to assist in the resolution of the emergency. These personnel will be organized into Support Teams, with assigned responsibilities to assist the Response Teams in designated functional areas. When the condition which initiated the activation of the Emergency Response Plan has been eliminated or reduced to proportions manageable by the Response Teams, the support teams will be reassigned to normal operations.

Types of Emergencies

The types of emergencies for which contingency plans have been developed are included later in this plan. They are divided into Natural, Technical and Human emergencies.

Priorities

The goal in managing any emergency is to reach a level of heightened operating efficiency as quickly as possible. This increased efficiency will achieve prompt restoration of customer service while protecting the safety and welfare of the public. Priorities specific to each emergency situation are addressed in the Appendices.

The Emergency Response Plan establishes overall emergency response priorities.


ASSUMPTIONS

(Company)’s Emergency Response Plan was developed under certain assumptions in order for the plan to address a broad spectrum of disaster scenarios. These assumptions are:

  • The situation that caused the disaster is localized to the building or facility housing the functional area; or to the computer and communication systems and networks that support the functional area.
  • It is not a general disaster, such as an earthquake or a flood, affecting a major portion of the metropolitan area. It should be noted that the Plan will still be functional and effective even in an area-wide disaster. Even though the basic priorities for restoration of essential services to the community will normally take precedence over the recovery of an individual organization, a company's Emergency Response Plan can still provide for a more expeditious restoration of the resources for supporting key functions.
  • The Plan is based on the availability of the hot sites or alternate locations. The accessibility of these, or equivalent back-up resources, is a critical requirement.
  • Any resources required for the restoration of critical business functions will reside outside of the primary facility.
  • Any vital records required for recovery can be either retrieved or recreated from an off-site location and moved to the recovery facility within 24 hours.

With these assumptions, what do you do? The reason for assumptions is to reduce the disaster to manageable tasks.

In addition, you must plan for the major/worst case disaster. If you plan in this way, anything of a lesser degree should be covered by your Plan.

As an example,

  • The Computer Center has been completely destroyed along with all equipment and documentation;
  • Backup tapes and documentation are stored off-site;
  • Many employees are injured or deceased;
  • All data processing support areas have been destroyed;
  • Trained employees familiar with the critical business functions will survive the disaster to implement the Emergency Response Plan;
  • The Telecommunications network control has been completely destroyed.

The Plan is a document that reflects the changing environment and requirements of your company. Therefore, the Plan requires the continued allocation of resources to maintain it and to keep it in a continued state of readiness.