Where is your Disaster Recovery Plan?

I wrote an article recently entitled ‘A Story About Business Risk’.

This article highlighted the need for all business leaders to be aware of the risks to their business and ideally have a plan to mitigate those risks.

I was trying to draw people's attention to the wider less tangible risks rather than the more tangible risks like Cyber attacks or the Internet going down.

Then lo and behold some days later a bug in a software update issued by a cyber security provider (Crowdstrike) brought down systems in Banks, Airlines, Doctor's surgeries etc. and caused worldwide disruption.

It is virtually impossible, however much testing is done, to replicate every individual computer user's (often unique) environments so bugs do occasionally get through and impact a few users - but this wasn't a few users it was many, many thousands. Some suffered a significant impact to their businesses, some were able to get their systems back up and running within a few hours.

Some airlines were handwriting boarding passes - they had a disaster recovery (DR) plan in place!

So this brings me back to Business Risk and Risk Management.

A lot of business leaders pay lip services to so-called Disaster Recovery (DR) plans - what the business will do in the event of a major problem, for example, computer or Telecoms systems being unavailable. Because they think their suppliers will have systems in place to protect their data and their access to that data and their systems.

As we have moved away from having computer systems on-site (on-premise) and migrated to the Cloud (remote servers) we have put a greater reliance on our suppliers to protect our systems and data than ever before. In the past we would take regular copies (back-ups) of our data and store them somewhere safe so that we could restore our systems in the event of a system failure. Now we expect someone else to do that with replicated servers interconnected over the internet co-located in different places - perhaps even different countries.

But as we have seen from this example when the large suppliers sneeze we get a very bad cold - and we get it without warning.

I am not advocating that everyone goes out and buys a glut of extra computer or telecoms equipment to mitigate such challenges. What I am suggesting is that you know what you will do if (when) such a challenge occurs.?

This is a wake-up call to those business leaders who pay lip service to their Disaster Recovery Plans. Give somebody senior responsibility for owning and testing these plans occasionally? - you never know when you will actually need to implement these plans.

Everyone thinks they have got a plan until they get punched in the face!

Get your DR plans on your Risk Register and review them regularly - otherwise rather than paying lip service to your DR plans you may end up with a very, very fat lip and not even be able to eat humble pie!

At Pabasso - Peer Advisory Board Associates we are focused on helping leaders of established businesses progress through shared experience, expertise and support.

We are always looking for leaders of established businesses, currently only in the Yorkshire region, who are keen to benefit from the experience and expertise of other business leaders, as well as experienced business leaders to join us and Chair more Pabasso boards. Interested? Why not drop us a note or give us a call to find out more?