“Change is inevitable. Growth is optional.”
Businesses must embrace change to survive. This has always been true, but it has never been a more relevant and crucial truth than it is today. The pace of change is accelerating, the way a snowball gathers mass as it rolls downhill.
The pace and magnitude of technological change is forcing businesses to the edge of a precipice. They must embrace change or risk their demise. Those companies that advance right along with technology have the best chance of survival. They may not only survive, but find opportunities to leverage exciting new technologies, like IoT [Here, I would link to Blog No. 6: Does IoT Hold Limitless Potential for Commerce?] to deliver new products and services. Those that ignore the need to digitize their business are very likely to lose their position to a digitally-savvy upstart.
The current pace of change is the core reason why your company needs to review its disaster recovery (DR) plan every year. If your company is keeping up with the pace of change, then you are likely to acquire some form of new technology every year. Likewise, the threat environment is constantly shifting and evolving. Organizations should review their disaster recovery plans every 6-12 months, depending on several factors, including business size, type, and current systems.
Here are a few concrete examples of internal and external changes that you will want to consider in your regular DR planning sessions:
The rate of employee turnover in most organizations means that there are likely to be new hires each year. Every new employee should have a chance to review and understand your organization’s DR plan. To ensure that all employees are familiar with your DR plan, we suggest you conduct a yearly review with all staff.
A business that is not in the process of growing is in the process of dying. As the rate of change accelerates, so does the pace at which businesses need to adapt. Technology and growth are inextricably linked. Therefore, new products and services will require changes in the IT environment.
Contact information and support contract information for OEM support should be kept as up-to-date as possible in your DR plan documentation. A yearly review process can help ensure that all technology assets are included in your DR plan so your organization can recover quickly if a disaster does occur.
Consider the environment surrounding your industry and business. For instance, financial institutions, healthcare organizations, and retailers are all specifically targeted by organized cybercriminals. Organizations in these highly-targeted industries need to keep a close eye on trends in cybercrime and adjust their DR plans accordingly.
As new types of cyberthreats and technological innovations emerge, industries, government entities, and industry watch-groups will often review and revise their standards, protocols, and requirements on a regular basis. You should update your DR plan to address regulatory changes that affect your industry. For example, healthcare organizations need to update their DR plans to reflect changes to HIPPA regulations.
If there have been any changes in your IT environment, like the addition of new applications, hardware, services, or platforms, then you will need to address how they will be protected in your DR plan. You have most likely kept meticulous records of your own department’s purchases and initiatives. However, we have found it is always worthwhile to investigate and monitor every technology-related purchase made within your company.
Here are a few questions you can include in your yearly review:
The above are just a few changes that will affect your DR plan from year to year. If you want a more complete guide to DR planning, contact an expert at the IBM Journal today.