Call Phone Icon 020 3780 7200

Business Continuity Plan (BCP) & Disaster Recovery Plan Template (DRP)

importance of disaster recovery plan
Author AvatarRoy CastlemanApril 21, 2016

As anyone whose business relies on technology knows, even so-called “stable” systems are subject to problems at any time. Whether such issues are technological in nature (cyberattacks, user error, hardware failure etc.) or the results of a different cause (theft, power outage, natural disasters etc.), maintaining consistent services for customers is a critical and ever-evolving challenge.

Fortunately, with sufficient disaster recovery planning, disaster events such as those mentioned can usually be dealt with efficiently and with minimal disruption to one’s business operations. To this end, an effective disaster recovery plan (DRP) will help companies to recover from any kind of technological service disruption that affects their ability to operate as normal and serve their customers.

At EC-MSP, we believe that all service-disrupting events create a standard set of circumstances. This means we can group any number of disaster events under the same responses. In the case of disaster recovery plans, this standardisation means each plan becomes more useful, enabling businesses to respond in the most appropriate manner to any category of disaster.

For example, say a company loses access to its main servers. Whether due to a cyberattack or a power outage, the response in the disaster recovery plan for lost access to data would focus on restoring access to the servers or routing traffic to a backup server.

Taking this approach adds a significant return-on-investment to the time and cost of developing a DRP. No matter what kind of disaster takes place, EC-MSP’s grouping approach helps make each kind of loss something that can be planned for, whether

  • File loss, system failure, or technical failures (such as human error, cyber attacks, or faulty hardware)
  • System loss (such as a power outage or equipment theft)
  • Full loss of site and system (such as in the event of a natural disaster)
  • Staff loss (from wholesale headhunting, lottery syndicate, illness, etc.)

Understanding these problems enables disaster recovery plans to be developed around a company’s specific needs, risks, and recovery options.

 

Difference between BCP and DRP templates

Several differences exist between a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP). Both of them certainly have their place in the working environment. However, you need to ensure that both are up to scratch for your business to continue operating as optimally as possible. 

 

For this reason, you should consider putting more emphasis on your BCP than on your DRP. But what are the main differences between a BCP vs a DRP? Let’s delve into this below: 

  • A BCP plan ensures the lights stay on even when something unusual happens with the network or your business’s IT infrastructure. On the other hand, a DRP ensures that users can regain access to the company’s infrastructure even when there has been either a complete system shutdown or temporary loss of data access. 
  • A DRP plan calls for more of an emergency action than a BCP. For example, companies may have to source additional equipment when they are implementing a DRP. A BCP will typically use existing resources to ensure that business can continue as normal in the event of some encountering an unfavourable circumstance. 
  • BCP vs. DRP also differ in what goals they are set out to achieve. BCPs ensure that operations can continue as best as possible and are, therefore, proactive in their approach, whereas DRPs are reactive, aiming to repair a fault. 

 

Different types of BCP template

When building a BCP, there are several templates you can use. Not all BCP templates will suit your business or your organisation. You can, therefore, find a template that best suits you to get the most out of your BCP. There are 12 types of templates for BCPs that exist. These usually exist for different entities which are are namely: 

  • IT services. A BCP will enable companies in this sector to protect data, continue to assist their customers, and ensure networks remain operational. 
  • Small businesses. A BCP will protect a small business’s network and allow it to continue to access certain aspects during a period of downtime. 
  • SaaS organisations. These BCP templates place more of a focus on their IT infrastructures than other departments, given the nature of their trade. 
  • Banking. BCPs ensure that banks continue to operate in a capacity where customers are supported. There is also a great focus on their IT infrastructure recovery, given that they need to remain secure against cyber attacks during downtime. 
  • Cloud computing. Most BCPs in the cloud-computing sector will focus on cybersecurity, as they can become very vulnerable to cyber attacks during a shutdown. 

 

What Are the Stages of a DRP?

There are two basic stages contained in an effective disaster recovery plan.

  1. Stage One: Determining hardware requirements. This includes identifying the type of disruptive event and then defining if the recovery process requires hardware (such as in the event of a power outage). This stage also includes elements such as contacting suppliers of replacement hardware.
  2. Stage Two: Component recovery. This includes elements like getting the internet, phones, servers, and other necessary hardware working again. This also includes data recovery or getting additional staff, depending on what’s needed.

Using this two-stage approach helps companies account for any elements that may be disrupted during a disaster and how each will respond. This can include:

  • Backup facilities – Are they readily available, or do temporary facilities need to be contracted out?
  • Office facilities – Is there an alternate location work could continue, or could workers telecommute from home?
  • Staff – Are there additional staff members that could be called in? Does a temporary staffing agency need to be contacted?
  • Safety – Could anything related to the disaster compromise the safety of staff or customers?
  • IT recovery – What hardware needs to be replaced? Do suppliers need to be contacted to provide replacements?
  • Telecoms recovery – How can communication like email or phones be routed to resume normal service?

It also includes specific actions each team member can take during a disaster, to begin recovery. Here’s an example of how various staff members work together during disaster recovery:

  • Staff Member 1: With the help of the DRP, decides on the type and severity of the event. Then initiates staff contact, IT support, and other Critical contacts with information.
  • Staff Member 2: Passes on the message and arranges office space for staff on a day-by-day basis (while coordinating with insurance company)
  • Staff Member 3: Contacts current clients and advises of the event type and any changed sales process deadlines.
  • Staff Member 4: Contacts suppliers to inform them of the event and any critical payments that may be delayed.

An actual disaster recovery plan would provide each staff member’s responsibilities in greater detail, but this should convey the kind of information that ought to be included.


How Long Does it Take to Put a DRP in Motion?

A good plan will identify each step that needs to be taken in any type of event and include estimated timeframes when necessary. This gives a clear, actionable estimate for your business when a plan is needed.

For example, a loss of location takes about 2 hours to action as workers begin working from home. A loss of system (such as in the event of a cyberattack or virus) begins implementing immediately but may have a 4 hour time frame to action.

Note that this is simply to begin putting a plan into action. Depending on the type of disaster and recovery needed, completing the recovery process can take significantly longer. (For example, a full loss of site and system would take more time to recover from than phone system failure.)

 

What Should Go Into Your Disaster Recovery Plan?

There are a wide range of factors that affect your business’s ability to go into recovery mode after an event. For example, does your business rely on on-site system backup, or does it employ cloud-based backup solutions?

The best option is to speak to a professional who can guide you on your specific use case and lead your business into a safe, effective recovery as quickly as possible.


Customers Want Access 24/7

Unfortunately, in the event of a disaster, customers can be somewhat impatient. They demand access to company services and data around the clock, making expediency during disaster recovery especially important. Developing a DRP helps ensure your business can continue to operate as quickly as possible and meet those customer needs.

When disaster strikes – no matter what happens – your business will have a clear, actionable way to get up and running as quickly and cost-efficiently as possible. The time to get you company’s plan in order is now. EC-MSP is considered by many to offer London’s top IT support, so our advisers are all very experienced and know how to help companies like yours to develop an optimal strategy. Get in touch with us today to begin the discussion.