- What is Disaster Recovery Planning?
- Purpose of This book
- A Working Definition of Disaster
- The Time Factor in Disaster Recovery
- The Need for Disaster Recovery Planning
- The Auditor's View
- An Imperfect Legal Mandate
- Building Management Consensus for Disaster Recovery Planning
- Who Should Write the Plan?
- A Straightforward, Project-Oriented Approach
- A Note on Methodology
This chapter is from the book
This chapter is from the book
This chapter is from the book
A Straightforward, Project-Oriented Approach
This book presents a straightforward project-oriented approach to DR planning. Each chapter provides cogent, practical information about the major tasks involved in developing a disaster recovery capability. Each chapter clearly defines the objectives of a development task, describes typical methods used to realize objectives, defines what resources are typically required, identifies sources for specific products and services, and discusses methods for evaluating task fulfillment.
In some cases, the IT manager or his or her designee serves as the disaster recovery coordinator for the company. In other cases, planning is undertaken by a group of users representing both information systems and the user community. If planning is undertaken by a group, however, it will need a person who will serve sometimes as researcher, sometimes as data collector, sometimes as honest broker, and ultimately as the person responsible for maintaining the plan in the face of almost daily shifts in recovery requirements. All these responsibilities are implied in the title DR coordinator.
In many cases, the IT or business manager will either hire a new employee to serve as disaster recovery coordinator or transfer an employee to fill the position full-time. The critical phrase is full-time. In very small companies, the IT manager is likely to serve as disaster recovery coordinator. In medium to large companies, developing and maintaining the disaster recovery plan is a full-time job.
Who is the ideal disaster recovery coordinator? There is no pat answer to this question. The coordinator does not require the highly technical skills set of a programmer, network analyst, hardware specialist, or systems administrator, but it is important that the candidate be able to communicate with technical staff and correctly interpret what they say in order to communicate it effectively to non-technical users in reports, procedures, and other documentation.
It is important that the coordinator be organized, detail-oriented, and a competent writer. The candidate should be able to work methodically through complex problems and issues and be experienced in managing vendors and evaluating product offerings. He or she should also be fluent in project management principles and techniques. In addition to these skills, the coordinator will need highly developed qualities of patience, perseverance, and diplomacy.
A common theme emerges in meetings of organizations for disaster recovery coordinators. Regardless of the initial level of enthusiasm and team spirit participants bring to the disaster recovery planning project, a substantial effort will be required to keep participation levels high. Planners need to cultivate enthusiasm and constantly reinforce the buy-in of plan participants. Unless participants see the plan as their creation, nearly everyone will develop a resentment of the planning process.
DR planning is demanding work. IT operations personnel can easily come to view the coordinator's insistence on routine backups as an unwarranted interruption of their already overcrowded processing schedules. They need to be applauded for the work they are doing to safeguard the corporation's most important asset, information.
Similarly, application developers may be put off by the DR requirement that they pause periodically to document changes made to programs and systems so that work can be reconstructed in the event of disaster. Reinforcing the importance and value of their work—known in the vernacular as stroking their egos—may ensure their continued enthusiastic cooperation.
User departments may develop an intense dislike of the coordinator's constant testing and probing for possible gaps in their preventive and protective measures. The coordinator needs to work with users and ensure that they regard the procedures involved as their own effort, rather than a task that is being imposed on them from outside.
Senior management may even come to disdain spending money on a project that delivers little tangible return on investment. Coordinators can diffuse this trap before it occurs by exploring every possible dual-use or dual-value opportunity for disaster avoidance and recovery components.
The relationship with management works both ways. To supplement the skills that the coordinator brings to the job, the IT or business manager will have to provide the coordinator with authority to make decisions and to quell dissent, visible (and budgetary) support and enthusiasm for the planning effort, and personal support for the coordinator's ego.
No statistics are available to demonstrate the stress level associated with the position of disaster recovery coordinator, but considering the nature of the job—the need to confront the dark side of business survival daily and make the safety and security of fellow employees one's personal concern—the coordinator's stress level must rate somewhere between that of a dentist and a Middle East peace negotiator. The manager needs to recognize this and compensate for it, not only in salary, but by freeing the coordinator from other tasks and giving personal recognition and reinforcement for the valuable work that the coordinator is performing.
The above may convey the impression that fulfilling the role of DR coordinator is a thankless task. Before readers rush to put this book back on the shelf, it should be observed that there are few business roles that are more compelling and challenging than disaster recovery planning. Creating an effective team, working across the exclusive territories established by business units, developing innovative strategies to fit requirements, and playing the ombudsman for corporate safety and continuity comprise a dynamic set of tasks that appeal to one's creativity and provide an enormous sense of accomplishment.