Forming Disaster Recovery and Emergency Response Teams
If you have been exposed at all to disaster recovery planning, you have probably been introduced to the concept of recovery planning teams.
This article is designed to help you define or refine the recovery team concept for your organization. If you already have recovery teams in place, use this article as a convenient checklist. If not, use it to set some up.
Most sizable organizations have some type of business resumption plan in place that is designed to respond to a disaster in an equipment room or other facility. A disaster, for purposes of this article, is loosely defined as an incident that damages a facility, some equipment, or data supporting a "mission-critical" business function.
For such an incident, the response plan should provide for specific recovery teams to allow assigned personnel to effect a timely recovery. Recovery teams should therefore include the following:
- Specific "first responders" to disasters
- Teams specifically empowered to activate and supervise a recovery plan
- Teams to support the affected facility, any alternate work locations, and if necessary, recovery centers
Who You Gonna Call?
To call any recovery team, you must first establish what the military calls 4Ci, which stands for Command, Control, Communications, Computers, and intelligence.
The first four are pretty self-explanatory in the context of disaster recovery planning. Intelligence does not mean that people in your organization instantly become smarter. In this context, intelligence means the ability to feed an instant situational analysis of what happened and how bad it was, upstream to executive management.
In wartime, the military pretty much respond to one crisis after another, so they are very good at 4Ci. Today, more and more commercial organizations are demanding this level of precision. That’s why business resumption plans are typically initiated through some kind of first alert process.
Like the military, the purpose of a first alert process is to ensure that management is informed of a disaster at a facility immediately after it is discovered. Documented procedures and checkpoints are written into the plan, including an initial assessment of the damages, which quickly provides responsible management with the information necessary to answer this all-important question: Do we declare a disaster or not?
This is not always an easy decision because disasters come in all shapes and sizes, including the following:
- Natural disasters
- Temperature extremes
- Water damage: roof leakage, sprinkler systems, drains, and so on
- Contamination of the building
- PCBs (such as from a fire in a transformer)
- Other causes
- Intentional causes
- Bomb threat
- Rioting, martial law
- Telephone cable cut
- Internet failure, virus, or intrusion
Because disasters come in all shapes and sizes, the people who first discover and report them also come in all shapes and sizes. Often the message does not get through to the right people without a delay.
For example, people in the Information Technology department make the assumption that they will get the word of a problem first. Not true. In practice, a night security guard will probably be the first to discover that the power is off or that a water pipe is broken. That’s why it is important to have first alert procedures that transcend the various departments and always ensure that the right people get the word immediately, no matter who discovers the problem.
Once procedures to do this are in place, you can begin thinking about response teams.