Past, Present, Future
Information Systems, Telecom & Vital Records

By Curt Edfast, Information Director Association of Contingency Planners National Board of Directors Graeme Jannaway, President Disaster Recovery Information Exchange, Toronto

Disaster recovery began in the late seventies as a method of protecting large computer data center installations from unlikely events like earthquakes, hurricanes, etc. By the mid-eighties, "hotsite" service providers and a few disaster recovery consulting firms had become established. They provided companies with a variety of alternatives and recovery services to recover the computer system. By 1990, telecommunications and network recovery were receiving major attention.

TODAY, NEW CONCERNS
"Assuming we can recover the computer environment and the network, how do we recover the business operations?" Building a business operations recovery capability is the primary directive of the enterprise-wide business continuity plan. Let’s reflect on the scope of that.

We need to…prepare a testable plan to recreate the company’s critical business operations during any major business interruption. Most companies employ a variety of today’s technological platforms (i.e. mainframe, client-server, LANs, WANs, distributed desktop servers, Internet, voice response systems, etc.) resulting in recovery challenges.

In addition, business has changed dramatically and as a result, we face:

• Downsizing and Consolidation of Operations. This business trend has introduced a set of problems for contingency planners to handle.

• The Internet. Delivering products and services via the Internet has introduced a number of security issues and solutions into the "daily production" environment. These concerns must be addressed in the company business continuity plan.

• Changes in the Infrastructure. The move to distributed computing has complicated the implementation of the environmental controls that were once centralized in the computer center. Today’s critical applications are often vulnerable to all the risks in the workplace.

• Vital Records. While much of the industry has moved to electronic media, a lot of information is still only available on paper. Critical paper records are a major exposure for many companies.

• Year 2000. As we move into the twenty-first century, many contingency planners are finding Y2K projects being dropped in their laps.

SO WHERE DO YOU START?
The contingency planner’s number one tool is the Business Impact Analysis (BIA). Its purpose is to identify the critical business units, their critical support units and identify any interdependencies between them. This analysis not only includes in-house hardware, software and applications, but also the suppliers, outsourced functions and distribution providers for the company business units.

Applications with distributed functions are often hard to find without a BIA and typically change the restoration order of the business continuity plan. Desktop units that are part of the "daily production" must be accounted for. Just restoring applications across multiple platforms can be a nightmare without an in-depth review of the backups used for recovery from a disaster. Some software tools are available to analyze tape backup requirements, but so far, they are not available on all platforms.

THE FUTURE
The responsibilities for the contingency planner continue to grow both in scope and complexity. For many companies, a tested business continuity plan has become part of doing business. The future holds much promise and many challenges for the contingency planner.

For more information:
The Association of Contingency Planners at (800) 445-4ACP or visit ACP on the web at www.acp-international.com

Disaster Recovery Information Exchange at (416) 491-2420 or visit DRIE on the web at www.drie.org