What’s Business Continuity worth to your Business?
Setting the budget for your organization's Disaster Recovery and Business Continuity (DR/BC) plan should reflect your organization’s tolerance to downtime. But how to make the budgeting decision?
Envisioning the impacts of infrastructure downtime will help to understand the significance of budgeting wisely. These impacts may include:
- Productivity loss
- Client satisfaction issues
- Employee stress and morale issues
- Potential revenue loss
- Possible loss of clients
Determine the Cost of Downtime
First: Calculate your organization’s hourly downtime cost.
By mapping out your key business elements, you can come to a good understanding of the cost of downtime. This should include:
- Number of offices
- Number of employees
- Average hourly salary
In the case of disaster without a business continuity and failover recovery plan, employees across the organization will be without access to key business applications. While the organization will continue to operate, system downtime will contribute to significant losses to productivity.
Determine your Organization’s Tolerance to Data Loss
Second: Assess your organization’s unique business and compliance requirements.
What are your downtime tolerances as stipulated by law? Or by your organization’s compliance policies and regulations?
If your organization is in the financial services, healthcare, legal or government sector, take a thorough look through your regulatory requirements. In Canada, HIPA and PIPEDA provide specific guidelines about how data must be stored and made available. Your organization must comply with these requirements or run the risk of legal complications.
In addition to regulatory requirements, most organizations have compliance policies to ensure digital data protection. These policies strictly indicated what data retention policies must be in place, and are vital to protecting organizational data. File access controls, sharing controls, and retention settings are clearly defined by many laws and clearly specified in compliance policies.
Determine your Organization’s Recovery Objectives
Based on your organization’s tolerance for data loss and regulatory risk, a recovery objective can be created. In the event of a disaster, a recovery objective helps determine require disaster recovery procedures and timeframes.
A Recovery Time Objective (RTO) is the maximum permitted time to recover systems after a disaster scenario occurs.
A Recovery Point Objective (RPO) is the maximum acceptable data loss recorded by time, or the maximum allowed age of the data when recovering a system. RPO is measured from the time the hosting services became unavailable.
A Disaster Recovery plan will include both the RTO and RPO, set based on the organization’s tolerance to downtime.
Staying Safe in the Case of Disaster
DR/BC planning ensures that in the case of a disaster, an organization experiences minimal losses in productivity and revenue. The budget for DR/BC planning must be determined based on the organization’s Recovery Time Objective (RTO) and the Recovery Point Objective (RPO). Perhaps more importantly, a disaster recovery budget should be considered as a key to minimize your organization’s legal and financial risks.
Need help determining your IT infrastructure risk and creating a disaster recovery plan? HostedBizz offers professional services that allow your organization to focus on your core competencies, while we focus on your transition to the cloud.