ITS 4350 - Disaster Recovery


Finishing the Course

Objectives:

This lesson is about chapter summing up. Objectives important to this lesson:

  1. Crisis definition and management
  2. Trauma
  3. Involvement of law enforcement
  4. Preparing for crises
  5. International standards
Concepts:
Why were we here?

The first lesson to take from the second half of this class is to think. To imagine what is too horrible to actually practice, and to prepare for it anyway. No, we are not going to set the town on fire to practice a fire drill, but we can gather data from our practice run, add computer graphics to the video we capture, and make a point that scares people into doing the right thing,

When we have an IT problem, we have to have an incident response plan, a business continuity plan, and a disaster recovery plan. They have to be related, and they will probably overlap in execution.

Plan, measure, and adjust. Every lesson should teach us this.


Dr. Deming said to continue to plan, to do, to check, and to act. Those who ask the difference between the do and act portions are ignoring what we are supposed to learn when we check on what we did. This relates to some wisdom that may have originated with Helmuth Karl Bernhard von Moltke (portrait on the right), who observed that no plan of battle ever survives first contact with the enemy. Remain flexible. Learn from what happens, and plan what to do next.

We are cautioned to plan for disaster, to plan to operate in spite of disaster, and to continue to function regardless of disaster. If we shut down, we risk never reopening, so we go on without shutting down.

We search for the reasons for our troubles, and we find ways to not let those same causes trouble us again.

We look for those responsible for troublesome events, and we find a way to deal with them, if they are our own people. We caution our people who are gullible to be less gullible. We require those who protect us to be ever doubtful that our precautions are sufficient.

We should know the size of our organization, and the size of the disasters that strike it. Knowing both things leads us to take actions that are appropriate to the needs of the organization, especially to the need to continue to function.

We should make plans, and store those plans in ways that they can be accessed regardless of the disaster, regardless of the services that my be out at the time of the disaster. If we cannot access the plans, we cannot rely on them and we can only function from our memories of them and from our best judgement.

We should establish chain of communication, and a chain of command with succession built into our plans. This will help our organization to continue with less stress than one that has no such elements in its plans.

We should remember that our organization is made of its people. Those people need our leadership, but they also need our care. We must care for our staff, our customers, our vendors, and anyone who has the potential to belong to one of those groups.


Assignments

Complete all outstanding assignments.