Too Few Companies Prepare For Disaster Recovery. How Does Yours Rate?
Last week it emerged that 3 out of a group of 4 health services whose disaster recovery preparations have been assessed by the Queensland Audit Office have only basic DR measures in place.
Computerworld reports that Cairns, Mackay and South West Hospitals and Health Services only scored a 1 on the capability maturity model used by the QAO. That equals a “Basic” score.
It’s a timely reminder that even the largest and most mature of organisations can be caught out by not properly planning for the unlikely, but hugely damaging potential of a severe business interruption.
It’s an unfortunate fact that most of the new clients we take on do not have a plan in place for Disaster Recovery. And of those that do there’s a common pattern – once the initial effort is conducted the plan sits and gathers dust, untested until a real event occurs.
How about your organisation? Do you rate better than QLD’s hospitals?
- Have you conducted a business impact assessment to identify all your risks and calculated the time it would take to recover your systems if those risks presented themselves?
- Have you made a Disaster Recovery Plan to shorten your recovery time to an acceptable level?
- Are all the people who will be expected to put it into action aware of it?
- Is it tested annually and are the test results disclosed to the board?
- Is it up-to-date with the technology in use in your operations?
- Has it been reviewed by an independent 3rd party in the last 12 months?
If you fall short, consider talking to a company like Computer One about how you can engineer a higher level of preparation.
It takes time and it can be almost forensic in the level of planning required, but when disaster strikes, you’ll be glad you spent the time testing and honing your DR plan.