The Business-Technology Weave

Mar 11 2013   9:01AM GMT

DAPR: Harming Events & Circumstances

David Scott David Scott Profile: David Scott

[Note:  Scroll for earlier articles in this sequence]

Your organization must assess your specific vulnerabilities relative to  threat, risk, likelihood, and business priorities.  As you examine each area of risk, consider the impact to functional business areas.  When planning protection to, and recovery to, specific business areas, it helps to simplify and  focus things by ordering risk-effect, within these broader considerations:

Loss of All Centralized Processing and Systems

Loss of Some Central Processing and/or Some Systems

Loss of Content

Damage to Content

Harming Events and Circumstances:  By no means comprehensive, these things should be accommodated by your DAPR policy and planning process:

– Environmental Events

  • Weather
    • Snowstorms
    • Floods
    • Lightning
    • Tornado
    • Hurricane
    • Rain
  • Natural Hazards/Danger
    • Fire
    • Drought
    • Landslide
    • Contamination
    • Epidemic

– Deliberate Acts of Disruption

  • Terrorism
  • Sabotage
  • War
  • Theft
  • Arson
  • Disputes
  • Cyber Attack
  •       Hacks at Random (HaR)
  •       Competitor Hacks (CH)
  • Malware, etc.

– Utilities

  • Loss of electrical power
  • Loss of gas
  • Loss of water
  • Oil shortage or unavailability
  • Loss of local or National communications system

– Equipment and Systems

  • Internal loss of power
  • Loss of air conditioning or heating
  • Production, plant, or equipment failure (excluding IT)

– Information Security and IT Equipment

  • Exposure of sensitive content
  • Damage from Cyber crime (attacks, hacks; as above)
  • Damage to content and/or systems from malware (viruses, keystroke monitoring, tracking software, malicious code to destruct data, etc.)
  • Loss of content, or loss of access to content
  • IT system failures
  • Loss of connectivity to the Internet
  • Loss of eCommerce capability
  • Unavailability of e-mail
  • Damage to main business system(s)

– Other

  • Legal issues
  • Mergers or acquisitions
  • Emerging and impacting business, health, and safety regulations
  • Workplace violence
  • Public transportation, public utility, neighborhood hazard, loss of shipment, freight, and other like-issues that can impact employee availability, product availability, etc.
  • Negative publicity
  • Employee morale

Any of these things represent a threat to the effective conduct of business.  Remember that in addition to the core-business systems that you use and “see” every day, there are other systems supporting your business that you may not think much about.  You need to reestablish e-mail connectivity to the world.  You need to reestablish any eCommerce, web traffic, and presence that you have.  You’ve got to get voice communications going, and you need to reestablish customer service endeavors.  You may need public relations, or perception management, help in communicating the organization’s status to the public.

Also, don’t overlook the fact that following disaster, DAPR does not go away during the challenge of continuing business:  you must reestablish your backup and recovery scheme:  For example; if you’re in a new location, you may need new solutions partners, etc.

NP:  Zeppelin boxset.  Amazing.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: