IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., equipment destruction, fire) from a variety of sources such as natural disasters to terrorists actions. While many vulnerabilities may be minimized or eliminated through technical, management, or operational solutions as part of the organization’s risk management effort, it is virtually impossible to completely eliminate all risks. In many cases, critical resources may reside outside the organization’s control (such as electric power or telecommunications), and the organization may be unable to ensure their availability. Thus effective contingency planning, execution, and testing are essential to mitigate the risk of system and service unavailability. Accordingly, in order for contingency planning to be successful agency management must ensure the following:

Understand the IT Contingency Planning Process and its place within the overall Continuity of Operations Plan and Business Continuity Plan process.
Develop or reexamine the existing contingency policy and planning process and apply the elements of the planning cycle, including preliminary planning, business impact analysis, alternate site selection, and recovery strategies.
Develop or reexamine the existing IT contingency planning policies and plans with emphasis on maintenance, training, and exercising the contingency plan.

We will address specific contingency planning recommendations for multiple IT platform types and provides strategies and techniques common to all systems including the following:

Desktops and portable systems
Servers
Web sites
Local area networks
Wide area networks
Distributed systems
Mainframe systems.

What to expect if you engage us:

Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components. A template for developing the BIA is also provided to assist the user.
Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
Plan testing, training, and exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.

** We use industry standard documentation and tools to customize each plan specific to the customer enviroment**

Print this window