The Business-Technology Weave

Jun 3 2011   11:07AM GMT

IDRU and DAPR, Pt. II: Directing purpose – achieving results

David Scott David Scott Profile: David Scott

 

The other day, we spoke of IDRU – check here for the beginning of our discussion if you haven’t already. 

Before discussing DAPR, which is disaster awareness, preparedness and recovery, and its position to IDRU, let’s consider:   Organizations, vendors, and practices have created a ready handle for recovery from disastrous harm – Disaster Recovery – with the attendant “Disaster Recovery Plan.”  The venerable Disaster Recovery Plan is meant to secure business continuity in the face of disaster.   However, security is ill served by this handle, and so too are many of the plans (and associated realities) that fall under it. 

“Recovery” is reactive, when we should have a plan that includes prevention of disaster.  Some measure of prevention is within our internal control, and some lies within our agility in sidestepping much of outside disaster’s influence and potential.  And, we strive to make disaster “transparent” to those whom we serve. 

The “recovery” aspect is poor branding.  Awareness and prevention are far better terms.

Too, mere “disaster recovery” is often given short shrift in terms of attention, resources, and any sort of test or proof of concept.  Many people, particularly Business people, are left to assume their disaster recovery efforts are in place, and will work, when in fact there is no reliable evidence to support this assumption:

     “Can you recover from disaster?” 

     “I guess so – we have a disaster recovery plan.”

Many don’t really know, because there’s never been an event to recover from.  But they have a plan.  (Place a check in that box.  Sleep well). 

Absent are identified, known, and agreed upon missions, beliefs, values, standards, and tests.  Here, we’re building awareness.

¨      Mission will be defined by your requirements for prevention, recovery when necessary, subsequent assignments, and exercises.  The mission will be associated with a policy, and the policy’s manifestation is achieved through a plan.

¨      Beliefs include prevention as a standard; the understanding of prevention’s true value; those things that need protection according to assessed risk and available resources; and your confidence and control. 

¨      Values support your beliefs – those things valued as necessary for sustenance of business.  Values will help establish that which is protected to the best point of prevention from harm.  There are also those valued business elements that determine the order of recoveries according to priority, when recoveries become necessary due to the truly unforeseen or truly uncontrollable. 

¨      Standards establish the degrees, or levels, to which your protection is certified, in supporting preventions.  Too, when recovery from damage is made, standards establish a period of time for how quickly full recovery is expected or necessary.  Standards can define increments of recovery, and they support the prioritization of the valued business elements through ranking of them.  

¨      Tests will be those simulations of harm that you employ to expose your level of success in preventions, recoveries, restorations, and the employment of identified alternative resources. 

 

You must satisfy yourself (believe) that you can meet your organization’s identified values and standards of business continuity in the face of disaster.  These things are necessary in order to provide some assurance that the best efforts have been made according to acceptable risks and available resources. 

When we arrive at that place, we find that what we really have is a policy, plan, posture – a mission – for:

Disaster  Awareness, Preparedness, and Recovery (DAPR)

In fact, you may wish to title this Disaster Awareness, Preparedness, Prevention and Recovery (DAPPR).  Suit and size to your organization, mission, position of readiness, and comfort.

When we talk about Disaster Awareness, Preparedness, and Recovery, we stand a better chance for securing business in the real world.  Recognize that the recovery aspect is for the truly unforeseeable.  The leverage to understanding and compliance is essential: 

Consider – DAPR forces, not a different question but, a set of questions: 

“Are we prepared for disaster?”

“I guess so – we have a disaster recovery plan.”

“Do you have an updated awareness for potential disasters?” 

“Well, let’s see – I guess we should list them.” 

“Now that you have an awareness, are you prepared?”

“No.  We’ve added some events, and we have a better understanding of others.”

“Are we properly prepared to prevent identified risks and potential bad outcomes?” 

“Prevention?  I thought this was Disaster Recovery…?” 

“Can you prevent harm where appropriate?  Can you truly recover from disasters  - have you tested your preparedness?”

“Well, we’ll have to develop some tests, and then conduct them…”

As usual, we can leverage understanding in a powerful way when we set simple and accurate identifiers right up front – the appropriate awareness.  DAPR helps us to better know ‘where we are.’  Disaster’s potential is a part of where we are, and we need an awareness of our surroundings as a part of that.  Preparedness is a route to a destination – a journey – a ‘how do we get there’ factor.  It leads us to the ‘where we’re going’ zones of prevention and to our strong abilities for recovery. 

Awareness is required before you can achieve preparedness, and preparedness is necessary for requirements supporting prevention and recovery.  Can you see the ‘where are we?’, ‘where are we going?’, and ‘how do we get there?’, elements of the previous statement?

We then require the satisfaction of a test to indicate your level of success in arriving at a state of prevention or recovery – and in arriving at a properly sized DAPR position for any moment in time. 

 

 

NP:  I Get a Kick Out of You, The Dave Brubeck Quartet, www.jazz24.org

 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: