With all of the disasters in the past couple of months (hurricane, fires, floods) now is a great time to determine the adequacy of your Disaster Recovery Plan (“Plan”). You are required to “test” your Plan each year. Riding out a disaster is an opportunity to “test” the Plan. Create an after-action report if you will and document this “test”. Your “test” didn’t occur if it isn’t documented, so be sure to document what you did and what you learned.
I have been reviewing several Plans in the past weeks as part of the Annual Document Review for clients. After discussions with those clients that have been through a disaster recently and reviewing these Plans, I feel it is important to have a hard copy of your plan handy AND that the Plan include the information that you need to know in the event that you don’t have access to anything at your office or in the cloud. Access to the cloud is not a guarantee during a disaster – as many people can attest to during the past couple of months.
When reviewing your Plan, take a look at the details – do you need to add account numbers or policy numbers in the event of a disaster? Is the person that is responsible for completing something as part of a disaster preparedness the only person that is trained to do this process? If so, what happens if they aren’t in the office when this process needs to be performed? One of my clients discovered during their disaster preparation that the only person in the office that knew how to forward the phones was on vacation. So their preparations were slowed while they discovered how to forward the phones.
You’ll want to really look at the Plan and determine if you will be able to recover from a disaster with the information in the plan alone.