In the risk analysis phase, there are a number of key areas that should be covered. One of the most important is to comprehend probable threats. In an ideal planet, which most of us have observed does not exist, we would determine and protect ourselves against all threats to ensure that our company continues to survive. Clearly, we are constrained by other factors this kind of as budgets, time and priorities and require to apply price advantage evaluation to ensure we are safeguarding the most critical company capabilities.

A 2nd important step is to determine all probable threats and prioritize them. Threats, typically, can be classified in a number of methods this kind of as internal/external, guy-produced/natural, primary/secondary, accidental/intentional, controllable/not controllable, warning/no warning, frequency, duration, speed of onset and so on. Whilst classifying threats is helpful in terms of knowing their characteristics and potential controls, grouping and knowing by company influence is also important. Clearly, the same influence can result from a number of various threats.

Identifying mission critical company processes and methods is another basic building block of the company continuity plan. After your critical company processes and methods and probable threats are established, the subsequent step is to determine vulnerabilities and loss potential. This requires an substantial scan of the organization to determine vulnerabilities and then evaluation to comprehend these vulnerabilities which would have the greatest influence on your critical company processes and the organization. This begins to make clear and quantify potential losses, which assists to establish priorities.

Following the identification of the most probable threats and vulnerabilities, an evaluation of current controls is required. This spans physical safety as nicely as people, processes, information, communications and asset safety. Some controls this kind of as physical safety and information backup are obvious. Other controls needed are frequently less obvious, but they can be identified through the risk analysis process.

Once the key building blocks of critical company capabilities, most probable threats, vulnerabilities and controls are identified, the subsequent stage is to develop an knowing of the probability of threats factored by the severity or influence of the threats. This prospects to the company influence evaluation phase which establishes priorities for safety.

The goal is to minimize threats, impacts and downtime and to mitigate any losses. Essentially, the goal is to protect your people, protect your information, protect your vital communications, protect your property and to protect your brand name and status. General, of program, the goal is to ensure your company continues to operate and to do it in a price-efficient way meeting standards of affordable and prudent judgment.

About The Author

Robert Mahood has significant technologies and management expertise in information communications, web, storage, disaster recovery and information recovery. He is presently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595