Many companies are required to have a Business Continuity Plan in place for compliance reasons, but it makes good business sense to also make sure you have a functional plan to help you recover from an incident as quickly as possible. Whether it is a hurricane, wildfire, active shooter, or cyber attack, you can minimize the impact on your organization with a Dynamic Incident Response Plan.
Simply having a plan in place doesn’t ensure that you’ll have control when an event or a breach becomes a crisis. Incident response plans should be dynamic – or adaptable – to the needs of the business.
What makes an Incident Response Plan dynamic?
- Break your plan down into sets of concise, easy to follow task lists, especially for critical business processes and applications
- Engage the whole business – without buy-in from all parties, it’s unlikely a plan will be executed as intended. Confirm everyone understands his or her role.
- Test emergency communication plans and task ownership on a regular basis. A major failure in crisis is the communication breakdown. Regular testing should confirm if individuals can understand and execute their roles and tasks.
- Have your plans accessible via a mobile platform that is intuitive and user friendly
Some additional considerations for creating a functional and dynamic Incident Response Plan:
Lay out who is responsible for what – and identify backup personnel. All Incident Response Plans should clearly define the key roles, responsibilities and parties involved during a disaster recovery (DR) event Among these responsibilities must be the decision to declare a disaster. Having clearly identified roles will garner a universal understanding of what tasks need to be completed and who is responsible for what.
Protocols for a Disaster Recovery Plan must include who and how to contact the appropriate individuals on the DR team, and in what order, to get systems up and running as soon as possible. It is critical to have a list of the DR personnel with the details of their position, responsibilities, and up to date emergency contact information.
Create a communication plan. This is perhaps one of the more overlooked components of a Disaster Recovery/Incident Response Plan. Having an effective communication plan that is tested is critical. When a disaster strikes, how are you going to communicate with your employees? Do your employees know how to access the systems they need to perform their job duties during a DR event?
Many times, the main communication platforms (phone and email) may be affected and alternative methods of contacting your employees will be needed. An effective communication plan will account for initial communications at the onset of a disaster, as well as ongoing updates to keep staff informed throughout the event. Automated Notification systems can provide a lot of value to your organization in this area.
Test your plan regularly. If you’re not testing your DR process, you may not have one that works. Your backup hardware may have failed, you may be relying on someone incapable of dealing with a disaster, your internet connection may be too slow to restore your data in the expected amount of time, the DR key employee may have changed their cell phone number. There are a lot of things that may break a perfect plan. The only way to find them is to test it when you can afford to fail.
Keep in mind that when it comes to disaster recovery, you’re only as good as your last test. A testing schedule is the single most important part of any DR plan. The more comprehensive the testing, the more successful a company will be at getting back on their feet. Also, failing a test is not a bad thing. It is better to find these problems early than to find them during a crisis. Decide what needs to be modified and test until you’re successful.
And don’t forget about testing your employees. The employees that are involved need to be well versed in the plan and be able to perform every task they are assigned. Running simulated disasters and drills help ensure that your staff can execute the plan when an actual event occurs.