Easy Data Recovery
Data Recovery Software, Tools, Methods, Reviews, Advice & More!
Business Continuity and Disaster Recovery - Risk Analysis and Control
Article By: Robert Mahood
In the risk evaluation phase, there are a number of key areas that must be covered. One of the most important is to understand probable threats. In an ideal world, which most of us have noticed does not exist, we would identify and protect ourselves against all threats to ensure that our business continues to survive. Obviously, we are constrained by other factors such as budgets, time and priorities and need to apply cost benefit analysis to ensure we are protecting the most critical business functions.
A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.
Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.
Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.
Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.
The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.
A second important step is to identify all probable threats and prioritize them. Threats, typically, can be classified in several ways such as internal/external, man-made/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset etc. While classifying threats is helpful in terms of understanding their characteristics and potential controls, grouping and understanding by business impact is also important. Obviously, the same impact can result from a number of different threats.
Identifying mission critical business processes and systems is another fundamental building block of the business continuity plan. After your critical business processes and systems and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization to identify vulnerabilities and then analysis to understand those vulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.
Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data backup are obvious. Other controls required are often less obvious, but they can be identified through the risk evaluation process.
Once the key building blocks of critical business functions, most probable threats, vulnerabilities and controls are identified, the next stage is to develop an understanding of the probability of threats factored by the severity or impact of the threats. This leads to the business impact analysis phase which establishes priorities for protection.
The goal is to minimize threats, impacts and downtime and to mitigate any losses. Fundamentally, the goal is to protect your people, protect your data, protect your vital communications, protect your assets and to protect your brand and reputation. Overall, of course, the goal is to ensure your business continues to operate and to do it in a cost-effective way meeting standards of reasonable and prudent judgment.
Choose A Customized Data Recovery Solution From DiskDoctors:
Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com
bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595
bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595
Data Risk Analysis Resources
Gaining Business Intelligence
A white paper on how companies should analyse customer data to gain better business intelligence and how they can use that knowledge. In an increasingly competitive world, using your client database smartly,...
Mystery of the Unknown!
Your Work place is no longer available, disaster has struck, and time is money! How many times have you heard these statements? It is a nightmare for CIOs and IT directors to have to explain downtime...
Is Free Data Recovery A Wise Option?
It almost seems too good to be true, but free data recovery is out there and it is available to computer users like you an me! Several pop-up laden websites now offer what is known as “free data recovery...
When to Use a Data Recovery Program
When the data of your programs are fragmented all over your hard drive, a data recovery program helps you immensely. The program is designed to put all of the fragmented material back in the files they...
You Lost Your Data... Don't Panic!
Inability to access your data stored on the data storage device could be caused by many reasons, from those that are easy to fix to those which are completely impossible to fix. If the damage is irreversible...
Data Recovery The Easy Way
If you aren't prepared in advance, you will most likely have to use a data recovery service or data recovery software solution to help get back as much as you can of what was lost. This can be a very good...
