Disaster Recovery and Business Continuity Planning - Where to start?

K

kukani41

#1
#1
I have been asked by a company to look into their disaster recover and business continuity planning - they have none. Where do I start. I have taken a company through ISO 9001:2008 and became certified but unsure which standard to start looking at. Any help would be greatly appreciated.

Thanks

Sue:bigwave:
 
Highly Rated Gage Tracking - Learn More
Elsmar Forum Sponsor
insect warfare

insect warfare

QA=Question Authority
Trusted Information Resource
#2
#2
Welcome to the Cove, kukani41!! :bigwave:

I was recently referred to an excellent resource called the Business Continuity Planning Suite (formerly called COOP "Continuation of Organizational Processes") which is currently available at ready.gov. Not only does it step you through the process of creating your own BCP, it also provides for testing of the plan and contains training modules (all for free).

I have heard only good things about it so far (if that means anything), but haven't yet had a viable opportunity to construct one from scratch. Maybe it is the right tool for you...

Brian :rolleyes:
 
Richard Regalado

Richard Regalado

Trusted Information Resource
#4
#4
kukani41 said:
I have been asked by a company to look into their disaster recover and business continuity planning - they have none. Where do I start. I have taken a company through ISO 9001:2008 and became certified but unsure which standard to start looking at. Any help would be greatly appreciated.

Thanks

Sue:bigwave:
Click to expand...
Hi Sue. Welcome to the Cove!

What do you mean exactly by "to look into their..."? They want you to do an audit of their existing system? Or they want you to develop a BCMS?

Cheers!

Richard
 
Richard Regalado

Richard Regalado

Trusted Information Resource
#5
#5
insect warfare said:
Welcome to the Cove, kukani41!! :bigwave:

I was recently referred to an excellent resource called the Business Continuity Planning Suite (formerly called COOP "Continuation of Organizational Processes") which is currently available at ready.gov. Not only does it step you through the process of creating your own BCP, it also provides for testing of the plan and contains training modules (all for free).

I have heard only good things about it so far (if that means anything), but haven't yet had a viable opportunity to construct one from scratch. Maybe it is the right tool for you...

Brian :rolleyes:
Click to expand...
Hello Brian!

I have gone through the site quickly and found it informative for home-preparedness. But some of the information can be applied to a corporate setting as well such as the creation of an emergency kit, different types of hazards which are applicable for home and at work, how to make clean water, etc. There is also a section for Workplace Plans though not as extensive as the section for home.

All in all, an excellent source of useful information. Thank you.
 
K

kukani41

#6
#6
Hi

They currently dont have any business continuity or disaster recovery planning. They want me to assess the business and put in a BCP.

Thanks

Sue
 
insect warfare

insect warfare

QA=Question Authority
Trusted Information Resource
#7
#7
Richard Regalado said:
Hello Brian!

I have gone through the site quickly and found it informative for home-preparedness. But some of the information can be applied to a corporate setting as well such as the creation of an emergency kit, different types of hazards which are applicable for home and at work, how to make clean water, etc. There is also a section for Workplace Plans though not as extensive as the section for home.

All in all, an excellent source of useful information. Thank you.
Click to expand...
Thanks Richard,

According to their web page, they claim that this BCP suite can be used for any organization, regardless of size or type. I was drawn to it particularly for its similarity to the "TurboTax" interface, which relies on your information to do most of its value-added work.

Brian :rolleyes:
 
Richard Regalado

Richard Regalado

Trusted Information Resource
#8
#8
kukani41 said:
Hi

They currently dont have any business continuity or disaster recovery planning. They want me to assess the business and put in a BCP.

Thanks

Sue
Click to expand...
Hi Sue. I would advise that when "putting in" or writing a BCP, you may want to use a framework to serve as your guide. One such framework is the ISO 22301:2012 Societal Security - BCMS (http://www.iso.org/iso/catalogue_detail?csnumber=50038). This international standard provides a systematic approach to planning, implementing, monitoring and improving your BCMS and can be used by any organization regardless of size and nature of work.

Alternatively, you may also want to look at SS 540 which is the Singapore Standard (http://www.ss540.org/) for BCM and also the NFPA 1600 Standard for Disaster and Emergency Management (http://www.nfpa.org/codes-and-standards/document-information-pages?mode=code&code=1600).

Should you decide to go for the ISO standard (which I strongly recommend), buy the standard to give you an idea of what needs to be established for a formal BCMS.

N.B. There are key activities to be performed before an organization can write a proper BCP. These activities include business impact analysis, risk assessment, risk treatment, determination of BCM metrics, etc.

In closing, there are 3 key questions that a BCM need to answer:

1. What could go wrong?
2. If things go wrong, how would it affect the organization?
3. How would the essential processes be continued after a disruption?
 
K

kukani41

#9
#9
Thanks for this Richard

I wouldnt know where to start for a business impact analysis, risk assessment etc. Do you know of any good examples or templates that I could look at to get an idea of what these are?

Thanks for your help it is very much appreciated.

Sue
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
D Exercising Business Continuity or Disaster Recovery Plans Business Continuity & Resiliency Planning (BCRP) 5
S Business Continuity Disaster Recovery Gantt Chart Business Continuity & Resiliency Planning (BCRP) 5
A Business Continuity ? Disaster Recovery and Crisis Management differences Business Continuity & Resiliency Planning (BCRP) 8
Sidney Vianna ANAB - Certified Organizations Business Continuity and Disaster Recovery Business Continuity & Resiliency Planning (BCRP) 0
Ed Panek Disaster Recovery Test IT (Information Technology) Service Management 6
M Does the ISO 9001:2015 standard require a disaster recovery plan or emergency response plan ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
C Review the IT Disaster Recovery Planning Process IT (Information Technology) Service Management 8
C Cleanroom Disaster Recovery for ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 8
Q Should advance notice be given for Disaster Recovery Audit? Business Continuity & Resiliency Planning (BCRP) 9
GStough Is A Re-Audit Necessary after Disaster Recovery? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
B How do you help sustain disaster recovery if one problem comes after the other? Business Continuity & Resiliency Planning (BCRP) 11
S Risk Management in terms of Technical and Commercial Failure (Disaster Recovery) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
T Controlled Environment Procedure: Disaster Recovery Plan ISO 13485:2016 - Medical Device Quality Management Systems 14
M Disaster Recovery Plan for a Pharmaceutical Company Miscellaneous Environmental Standards and EMS Related Discussions 3
D Disaster Recovery Plan - I cannot find references to same in ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
E ISO 9001:2000 - Document Disaster Recovery Program Requirement? Document Control Systems, Procedures, Forms and Templates 33
X TL9000 Clause 7.1.C.3 - Interpreting the Disaster Recovery clause TL 9000 Telecommunications Standard and QuEST 2
D Supplier OTD Slip Due to Shipping Delays or Natural Disaster AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
Randy Remote auditing (for disaster, disease, disturbance etc...) during the Neo Coronavirus Pandemic and Social Distancing Registrars and Notified Bodies 7
Hershal Fire disaster in Southern California (Blue Cut fire) - August 2016 Coffee Break and Water Cooler Discussions 22
E Disaster Contingency - Is it a requirement in ISO 9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
AnaMariaVR2 Finding a Common Language for Disaster-resistant Supply Chains Supply Chain Security Management Systems 1
S Disaster Management for a Waste Management Firm Miscellaneous Environmental Standards and EMS Related Discussions 5
John Broomfield Rocket Engineer who foretold the Challenger disaster is dead Coffee Break and Water Cooler Discussions 8
Richard Regalado Elsmar Cove BCP - Continuity of the forum when disaster strikes Business Continuity & Resiliency Planning (BCRP) 11
Richard Regalado Symantec 2011 SMB Disaster Preparedness Survey Business Continuity & Resiliency Planning (BCRP) 6
A Transocean Execs Get Bonuses after ?Best Year in Safety,? Despite Gulf Oil Disaster. World News 1
RoxaneB Vendor Listing in a Business Continuity Plan / Disaster Recover Business Continuity & Resiliency Planning (BCRP) 6
F Risk + Disaster Assessment, Fire Alarm, etc. - Records Management Business ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
F Re-Training an Employee on the Use of Micrometers - Teaching Disaster Training - Internal, External, Online and Distance Learning 2
P Purchasing Mistakes - Seeking examples of mistakes that lead to disaster ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
J Document Control - System Feels Like A Disaster Document Control Systems, Procedures, Forms and Templates 15
S 95% UCL - Attaching an excel for recovery study Statistical Analysis Tools, Techniques and SPC 0
C Compliance with ISO 17025 requirement 8.4.2 - Controls - Records recovery ISO 17025 related Discussions 4
I Clean room recovery program Other Medical Device and Orthopedic Related Topics 1
M ISO 14644 - Cleanrooms and associated controlled environments -Recovery Test Other ISO and International Standards and European Regulations 0
M Ford Q1 Revocation Recovery Process Customer and Company Specific Requirements 5
Marc Data Recovery from a Mac formatted LaCie 2 TB Drive After Work and Weekend Discussion Topics 5
Wes Bucey Job recovery? or "statistics don't lie, people do" Career and Occupation Discussions 37
K What is an ARA (American Recovery Act) document? Customer Requirement Quality Manager and Management Related Issues 4
somashekar The Plasma Thermal Destruction and Recovery (PTDR) Waste-to-Energy Technology Sustainability, Green Initiatives and Ecology 4
R Clean Room AHU (Air Handling Units) - Good Protocol - Recovery Study Qualification and Validation (including 21 CFR Part 11) 8
L Service for drilling fluids recovery systems Service Industry Specific Topics 1
M Where do you address Stock Recovery? In your corrections and removal procedure? ISO 13485:2016 - Medical Device Quality Management Systems 11
Marc Ford bondholders zero in on cash, not recovery values World News 0
Howard Atkins Defining Recovery - Management of production tooling - TS 16949 Clause 7.5.1.5 IATF 16949 - Automotive Quality Systems Standard 7
V Going out of business - related obligation to transferring to another manufacturer EU Medical Device Regulations 0
T Supplier Evaluation - *ALL* Suppliers to business? ISO 13485:2016 - Medical Device Quality Management Systems 5
M Need to set up a "crisis management and business continuity plan" AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
R Starting an automotive containment business Service Industry Specific Topics 3

Similar threads

Top Bottom