Disaster Recovery is about three things: planning, testing, and procedures. Banks have to satisfy compliance initiatives and answer to the FFIEC and OCC. Satisfying compliance initiatives may get you off the hook with the regulators and make you look good on paper, but what you are really interested in is staying in business for the long haul. Eighty-five percent of companies without a disaster recovery plan go out of business within a year after a disaster. After the World Trade Center disaster, statistics showed that companies with complete plans were operational within 30 days. While IT people are key partners in the disaster recovery efforts, their plates are usually full and overflowing.<\/p>\n","protected":false},"excerpt":{"rendered":"
DRP and its partner Business Continuity Planning (BCP) are board level initiatives and should be treated as such. If you don’t have someone within your organization with the right expertise, go find someone who specializes. Put someone in your organization solely and fully in charge of the effort with board level authority. <\/p>\n
If you never got to the point of testing your existing plan, the right consultant will help you develop a program that requires the least amount of investment initially. In disaster recovery planning, you have to do the right things in the right order and there are no shortcuts. This will require your patience, but not a huge chunk immediately out of your pocketbook. However, this is where testing mistakes can have huge negative impact on the business.<\/p>\n
Pick a smaller application and test recovery outside of the production environment. After each recovery test exercise, an honest review of the successes and failures is not a step to be taken lightly. This is your opportunity to refine, refine, and refine.<\/p>\n
Documenting procedures is not for the faint of heart.<\/p>\n
http:\/\/www.bankinfosecurity.com\/articles.php?art_id=150&PHPSESSID=180fe654b2a330ff0b5cdba0e36eec9f<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,9],"tags":[],"class_list":["post-388","post","type-post","status-publish","format-standard","hentry","category-dr-crisis-response-crisis-management","category-financial"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=388"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/388\/revisions"}],"predecessor-version":[{"id":2875,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/388\/revisions\/2875"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=388"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}