This snapshot taken on 09/06/2009, shows web content selected for preservation by The National Archives. External links, forms and search boxes may not work in archived websites.
 
 

Prevention

Steps needed to help prevent systems failure are the same, no matter the size and scale of the company involved.

The following bullets provide a high level guide to preventing (or at least, reducing the likelihood of) systems failure. More detailed measures can be found in our Business Continuity Management section.

Basic steps for prevention:

  • Perform a risk analysis. This can be a sophisticated and extensive exercise, but it is essential to:
    • Establish the importance of each system or system element
    • Work out what could stop them operating.
    • Implement appropriate controls to minimise the disruption caused by any untoward event.
  • Take regular backups of information and store them away from the system. Establish how long your company can tolerate a system failing (a day, a week?) and make sure your backups allow you to recover before that time elapses.
  • If you hold sensitive information, remember to apply appropriate security to your backup media
  • Make sure you have access to alternative machines to run your systems and hold your data should you lose premises through a catastrophic event, such as a flood or a fire.
  • Consider making a mutual support agreement with another organisation, preferably one that is unlikely to suffer from the same event as yours (i.e. they aren't next door, they use a different power supply, and they won't be flooded by the same river).
  • Make arrangements with hardware suppliers for rapid installation if you are running a time-sensitive operation. Some companies specialise in providing support premises and equipment, normally on an annual charge basis (a bit like an insurance policy).
  • Establish sound fire prevention and detection systems. You should also consider looking at water detection systems, especially if you operate in a high-risk flood area.
  • Environmental risk should form part of your initial risk analysis. Environmental issues should include:
    • Investigating neighbouring industrial concerns, to see if they carry a high-risk (for example, a chemical works).
    • Investigating neighbouring companies to see if they might be the targets of civil unrest (for example, animal testing, nuclear power, etc).
    • Checking local conditions by contacting the local authority, who normally have information on environmental risks and often make a local emergency plan available.
  • Look for single points of failure. These can be telephone exchanges, power supplies and road transport links. If you are dependent on a single supplier for key goods or services, make sure you know who they are.
  • Having identified single points of failure, look for alternative suppliers, or seek insurance against them failing.
  • Consider a UPS (Uninterruptible Power Supply), as these not only reduce the impact of a real event, but also protect your computer systems against voltage spikes that can corrupt data even if they don't take your system down.
  • Be aware of the details of any software support contracts. If you need specialist help at 4am on a Saturday, you may find yourself in trouble if you haven't made provision for it.
  • Make sure you have appropriate licences and support agreements in place for all hardware and software. Try to avoid invalidating any warranty agreements, as this can severely hamper support.
  • Make sure all staff know what to do in an emergency and that they have the means to contact you if getting to the office is made difficult or hazardous.

© Crown copyright2009