Feasibility Study: Proposed solutions and recommendations
The modern day business environment is characterized by a multiplicity of the risks that face organizations. The implication is that successful organizations have to put in place strategies that enable them to recover once disaster strikes, whether natural or man-made. In this case, the company is lacking in regards to disaster preparedness. The company is ill-prepared to deal with a disaster once it occurs, meaning that the chances of recovering once the organization is hit by a disaster are minimal. The solution to the challenge that this business faces is coming up with a Disaster Recovery and Business Continuity (BCDR) plan.
The BCDR plan is a concept that comes into being via the collaborative efforts of organizational executives and the IT staff in the organization (Zalewski et al., 2008, p. 115). The modern day enterprise has recognized that business continuity and disaster recovery need to be mentioned in the same breath. The organization being consulted for in this case is lacking in the collaborative respect, since executives and the IT personnel are involved in making separate plans. Coming up with a BCDR plan will mean that the two will need to come together and consolidate their plans.
An important aspect to note in the construction of the BCDR plan is that the plan will be integrated with the day-to-day running of the organization. The resulting plan will not be a concept in the periphery, which is referred to at times of need. The BCDR plan will be integrated into the normal running of the organization. The importance of this move is ensuring that the cost associated with the plan is manageable, given the constraint regarding financial resources. Thanks to advancements in technology, it is feasible to embed the BCDR plan into the everyday operations . To this end, aspects such as network security and the input or access of information to the company servers will be at the center of the BCDR plan.
Apart from embedding the BCDR plan to the everyday running of the company, the plan will also seek to establish well conceptualized Internal Recovery Strategies. In the conventional setting, internal recovery is aided by having alternative sites that ensure continuity of operations once a disaster strikes . To this end, it will be necessary to ensure that the company has data which is backed up away from the primary site. The goal here will be to ensure that normal operations can run from the secondary sites once the primary site becomes a victim of a hazard.
Another key aspect of the BCDR plan is enlisting the services of other entities that specialize in recovery strategies. To this end, certain firms have specialized in the production of both hardware and software that comes in handy when disaster strikes (Zalewski et al., 2008, p. 117). These entities act as hosts of a company’s data and allow a client to access the data from secondary locations. In addition, such vendors prevent threats to information systems in the form of malware or hacking. A central aspect of the proposed BCDR plan is the investment in data backup. The advancements in technology have made it possible for organizations to back up their data either through software or by the use of drives. The cloud services are also a viable option that can be considered in this particular case.
Investment in a comprehensive BCDR plan is an option worth taken when compared to other options available for the company. An alternative to the BCDR plan would be an extensive educational and training exercise that informs stakeholders on best practices to ensure the security of the company’s information system. The downside to this option is that it can only be effective for man-made disasters, meaning that natural disasters are not covered. The BCDR plan addresses this shortcoming. Another option would be the investment in profit-oriented activity, with the hope that achieving more success would make the company be more resistant to threats. This line of thought arises from criticisms that view the BCDR planning process as an unworthy investment that does not yield tangible returns. Such thoughts are faulty since disasters are a reality, and companies need to be attentive to deal with them once they hit.
The ability of an organization to continue with its operations once hit by any form of challenge is a precursor to success . One of the company’s goals is to ensure that strategies that support the creation of more revenue are supported. Investment in the BCDR plan helps to realize this, by ensuring that a company gets on its feet as fast as possible after the occurrence of a disaster. In addition, the company has the goal of establishing and maintaining strategic partnerships with other entities with the goal of achieving mutual organizational success. Compromising of the information system bears the potential of destroying such partnerships. Other businesses would be unwilling to enter into partnerships with entities that lack the capacity to deal with individual challenges. Investment in the BCDR plan helps to avoid this problem.
Coming up with a BCDR plan for the said organization is a capital intensive act, which calls for collaborative efforts especially between the IT specialists and the management. To this end, there are four aspects that will require deep consideration. First, the preparation of the plan will require extensive support from the top executives, especially regarding finances. In addition, it will be necessary to come up with team leaders to spearhead the running of the BCDR plan. The team leaders will be instrumental in clearly highlighting the different roles of various stakeholders . The second aspect is the conducting of a risk assessment. This will require an evaluation of the current systems the company has, identifying their weaknesses and looking at the impact that disasters can have on normal operations. All these inform the nature of BCDR plans drawn. The third essential aspect within an efficient BCDR plan is having clear communication lines in regards to internal and external communications. In addition, audiences who are targeted within the BCDR framework need to be clearly identified. Lastly, the BCDR plan needs to allow room for continuous developments. These developments are informed by changing technology trends, new strategic alliances and changes in financing and budgeting .
Bibliography
Corradini, A., Hermann, F., & Sobociński, P. 2008, "Subobject transformation systems.". Applied Categorical Structures 16.3, pp.389-419.
IntegraTelcom. n.d, Business Continuity/Disaster Recovery Best Practices Checklist. Retrieved June 13, 2016, from integratelecom.com: http://www.integratelecom.com/resources/Assets/bcdr-checklist-integra.pdf
Shropshire, J., & Kadlec, C. 2009, "Developing the IT Disaster Recovery Planning Construct.". Journal of Information Technology Management 20.4, pp. 37-53.
Slater, D. (2015, May 20). Business continuity and disaster recovery planning: The basics. Retrieved June 13, 2016, from csoonline.com: http://www.csoonline.com/article/2118605/disaster-recovery/pandemic-preparedness-business-continuity-and-disaster-recovery-planning-the-basics.html
Zalewski, A., Sztandera, P., Ludzia, M., & Zalewski, M. (2008). "Modeling and analyzing disaster recovery plans as business processes.". In M. D. Harrison, & M.-A. Sujan, Computer Safety, Reliability, and Security (pp. 113-125). Springer Berlin Heidelberg.