Every organization should have some type of business resumption plan in place, designed to respond to disaster. The term disaster, as defined in this article, breaks down into four categories:
- Natural damage
- Intentional harm
- Human error
- Acts of God
Any of these events that eliminate or severely impair a mission-critical function of an organization are assumed to be a disaster. Therefore, the definition of a disaster varies by organization. Various entities have different "pain thresholds" that define when an incident becomes a disaster. A bank, for example, will have different criteria than a poison-control hotline. With this fact in mind, any organization should begin the process of implementing "first alert" and response teams after it has completed a business impact analysis (BIA), preferably with the help of a reputable consultant. Your BIA should establish your organization's essential criteria for recovery timeframes, how quickly the organization should respond, and therefore how the first alert procedures should be structured.
First alert procedures for any recovery plan should provide for specific recovery tasks, including checklists, forms, and procedures required to allow assigned personnel to effect a timely recovery. All first alert procedures depend on communications. This article addresses the practical principles for how to develop such communications between responders, including but not limited to the following:
- Designation of specific, responsible personnel as "first responders" to disasters.
- Identification of teams responsible for initiating emergency recovery activities.
- Standards and procedures to maintain command and control in a recovery effort.
- How to communicate effectively with responders, and appropriate technologies to use for that purpose.
First Alert Procedures
Business resumption and disaster recovery are placed into action through a documented first alert process. The purpose of this process is to ensure that management is informed of a disaster at a facility immediately after discovery of the situation. Documented procedures and checkpoints are written into the disaster recovery plan, including an initial assessment of the damages. This all-important initial report provides responsible management with the information they need to answer an all-important question: "Do we declare a disaster or not?"
Since disasters come in all shapes and sizes, the people who first discover and report them also come in all shapes and sizes. Often the message doesn't get through to the right people. For example, people in an information technology department might have the impression that they'll get word of a problem first. In reality, this is more of an exception than the norm. For example, a night security guard or building facilities staffer might be the first to discover water coming under the door of a critical computer room. This is another reason why it's important to have first alert procedures. Such procedures must transcend the various departments in a large organization to ensure that the right people get the word immediately, no matter who discovers the problem.
It's impossible to cover all aspects of a good first alert process in a single article, but let's consider a few technologies that can enhance and streamline the first alert process.