The idea of a natural disaster is often something we don’t prepare for personally or professionally until it’s too late, which is when it’s already happened, or we’re dealing with the aftermath. A natural disaster can include anything from wildfires such as those in California to hurricanes, often seen along the Gulf and Atlantic coasts.
It’s important to have a disaster preparedness plan not only for your home and family but for your business as well.
What Is a Business Disaster Recovery Plan?
While the specifics can vary depending on your business, your industry, your location, your size, and many other factors, across the board there are a few things that a disaster recovery plan will often include. The general goal is that it’s a detailed plan as to how your business will recover from a catastrophic event.
Initially, once you ensure everyone is safe, your disaster recovery plan will go into how you’ll stay in operation, to whatever extent you can.
When a business has a disaster recovery plan, it can help them avoid bankruptcy after a devastating event.
Some of the most general components that should be included in a disaster recovery plan are:
- Your plan should include a list of critical jobs. These are the jobs that your business can’t function without. What would likely happen is that you would temporarily relocate your business to whatever your defined alternate location was, and those jobs that are critical to functionality would be done from that location.
- Create an inventory of the office equipment that’s necessary. This might include computers, phones, and certain software. Think about those things that you use day in and day out, and also consider office equipment that takes a supporting role.
- Have a plan for the location of your alternative office space. You might, for example, have an agreement with a nearby business to share a space if there’s a disaster, or maybe you would move into a home-based office. Another option might be a coworking space.
- Outline details of your insurance plans, and then create lists proactively for your insurance company that you can submit if the need arises.
- Your disaster recovery plan isn’t just something that’s theoretical. It needs to be written down and shared with someone else.
Your disaster recovery plan needs to also include information that outlines how you’ll communicate and what role assignments maybe during this time, particularly if these roles are outside of day-to-day job roles.
All employees need to know one another’s contact information and what’s expected of everyone in the days following a disaster.
Employees need to not just be aware of the plan but trained on it. The plan should be written in clear, concise language.
Review Your Insurance Policies
When you’re in the process of creating a disaster recovery plan, it’s a good time to go over all of your insurance policies and coverage as well.
You need to ensure that you have enough coverage for indirect costs of a disaster, such as business disruption in addition to the cost of things like making repairs or rebuilding. Be aware that most insurance policies don’t cover damage from earthquakes, hurricanes, or floods, so you’ll need separate policies.
Ensure you know the details of your limits and policy deductibles, and watch for policy guidelines on improvements or additions.
Also, understand the true costs of a disaster because they can beyond physical damage. There’s, for example, loss of income.
You have to really go through policies with a fine-tooth comb and make sure there are no gaps.
Some of the components of commercial insurance that you should have include:
- Building coverage
- Business personal property coverage
- Tenant improvements
- Business income coverage
- Extra expense coverage
- Ordinance or law cover to rebuild or repair a building, ensuring it’s up-to-code
IT Disaster Recovery
Your disaster recovery plan should take a full accounting of everything related to IT. You will need to have a plan for your IT network that will allow for enough data recovery and system functionality that your business can continue to operate.
An IT disaster recovery plan will include methods of backup.
One option is data center disaster recovery. With this option, you store your businesses’ data onsite, but you have redundancies in place to protect data.
A cloud-based disaster recovery plan means that all of your data is stored offsite, and then you don’t have to worry about it being lost or damaged if a local disaster occurs.
Virtualization disaster recovery means that all of your IT resources are created in a virtualized form, and this includes servers, networks, and applications. They’re stored with a host so you can fully restore your system if necessary.
Finally, another general option is called disaster recovery as a service.
To create an IT disaster recovery plan, you should first do an inventory of all assets. You should inventory not only these assets but also create a map showing where its physical location is, what network it’s on and what the dependencies are.
You can then do a risk assessment in which you consider the worst-case-scenario in terms of both internal and external threats. An IT disaster recovery plan is unique from your general business disaster recovery plan because it’s not just things like natural disasters to plan for. It’s also issues like cyber attacks.
Following your risk assessment, you can start classifying all of your applications and data based on how critical they are to operations.
Finally, you’ll want to outline your objectives for recovery.
It may be that your business really can’t go without any of your data and applications for very long. On the other hand, your objectives might be to get a few things up and running, and you may have a longer tolerance for downtime in other areas.
You can define what’s called a recovery time objective, which is how long your business can realistically go without certain data and systems. This will help you prioritize both in the creation of your plan, and your implementation of the plan if that becomes necessary.