What is a Disaster?
What is Business Continuity Planning (BCP)?
Who is responsible for the BCP?
Does the absence of Business Continuity Planning affect corporate profitability?
Will I get a Return On my Investment (ROI)?
What is Recovery Time Objective (RTO)?
What is Recovery Point Objective (RPO)?
What is a Disaster Recovery Plan (DRP)?
What is the difference between Disaster Recovery and Business Continuity?
What are the different types of off-site information processing facilities?
Do I need to test the Business Continuity plan(s)?
How often should I test my Business Continuity Plan?
Is Business Continuity Planning applicable to all organizations?
Are there any regulatory requirements for implementing a Business Continuity Plan?
 
 
What is a Disaster?

For the purposes of Business Continuity Planning, the definition of a Disaster is:

Any incident that causes a severe disruption to a Business Unit’s working environment, facilities and personnel which results in an inability to function or to provide service to internal or external customers.


 
What is Business Continuity Planning (BCP)?

Business Continuity Planning is the preparedness of an organisation to ensure the continuity or resumption of critical business processes at an agreed level and to limit the impact of a disaster on people, processes and infrastructure.

Business continuity should be focused on entire business processes rather than solely on specific assets such as IT systems.


 
Who is responsible for the BCP?

You will need someone who is responsible for Business Continuity at a very senior level. You will also need someone who is responsible for the planning, testing and training aspects: the business continuity function. Depending on the size and complexity of the business this may be a full-time role, but for most small-to-medium sized enterprises (SMEs) it probably need not be. Again, it comes down to what is appropriate for your business or organisation. It is highly likely that the business continuity function will form part of one or more staff members’ job descriptions.


 
Does the absence of Business Continuity Planning affect corporate profitability?

Risks to today's businesses arise from many sources (operational, strategic, financial, informational or environmental) and can impact key performance indicators such as profitability, share price, quality, brand image and company reputation, market share, etc. Today's consumers get easily discouraged when they can't get what they want immediately. If you don't have a tested Business Continuity Plan in place you're likely to experience a greater loss of revenue or market share, and possibly failure of the business, if a disaster strikes.


 
Will I get a Return On my Investment (ROI)?

BCP efforts make money for a firm as they serve to minimize disruptions and financial loss during even minor events. This means increased reliability and productivity, a competitive advantage and increased market share.


 
What is Recovery Time Objective (RTO)?

The Recovery Time Objective is the time goal for the re-establishment and recovery of a business function or resource during the execution of disaster recovery or business continuity plans.

The RTO has to be set in line with the requirements of the business and should ensure that services to clients are not disrupted beyond an agreed time period. If this time period is exceeded, the organization could suffer significant financial, regulatory or reputational damage.

RTO also helps in determining which continuity strategy would be best for the recovery of each business activity or business function. Strategies might include moving to another location, delaying the performance of some tasks, or transferring some work to another office.


 
What is Recovery Point Objective (RPO)?

Recovery Point Objective ("RPO") defines the point in time to which systems and data must be restored after a disaster. It is typically measured in minutes, hours or days depending on the criticality of the system or data. For example, if an organization needs to restore at a minimum the prior end of day's backups in the event of an emergency, its RPO is 24 hours.


 
What is a Disaster Recovery Plan (DRP)?

A written plan for processing critical applications in the event of a major hardware or software failure or destruction of facilities.


 
What is the difference between Disaster Recovery and Business Continuity?

Disaster Recovery is the activity that takes place during and after a catastrophic event to minimize business interruption and return the organisation as quickly as possible to a state of normalcy that existed prior to the event.

Business Continuity is the process of planning to ensure that an organisation can survive an event that causes interruption to normal business processes, by providing an acceptable level of service throughout.


 
What are the different types of off-site information processing facilities?
    Hot Site:

A site (data centre, work area) that provides a BCM facility with the relevant work area recovery, telecommunications and IT interfaces and environmentally controlled space capable of providing relatively immediate backup data processing support to maintain the organization's Mission Critical Activities.

    Cold Site:

A site (data centre, work area) equipped with appropriate environmental conditioning, electrical connectivity, communications access, configurable space and access to accommodate the installation and operation of equipment by key employees required to resume business operations.

    Warm Site:

A computing facility that has some equipment available, although it may not be powered up and running. Some special equipment may need to be procured. Systems and applications have to be set up and installed.

    Reciprocal agreement:

An agreement between two organizations whereby each organization agrees to share the other's computing facility in the event of a disaster.


 
Do I need to test the Business Continuity Plan(s)?

A business continuity plan is not complete until it is tested. Untested business continuity plans cannot be relied upon following a business interruption or disaster. A formal BCM testing process provides management, customers, suppliers and employees with the assurance that the plan will work as documented.


 
How often should I test my Business Continuity Plan?

The majority of organizations test business continuity processes one or two times a year; however, this can be increased by such factors as:

           Changes in business processes
           Changes in technology
           Change in BCM team membership
           Anticipated events which may result in a potential business interruption

 
Is Business Continuity Planning applicable to all organizations?

Business Continuity Planning addresses three core components of an organisation: People, Processes and Infrastructure. No organization can claim readiness for large-scale disasters without addressing these core components. BCP solutions are scalable and can be tailored to meet any company’s needs, whether it is a small-to-medium sized business (SMB) or a large organisation.


 
Are there any regulatory requirements for implementing a Business Continuity Plan?
According to the Reserve Bank Of India Notification dated 15th April, 2005:
It is advised that banks may put in place a BCP including a robust information risk management system, if not already implemented, within a fixed time frame. They may implement such BCP and thoroughly test it to verify its full capability against the changing scenario and assumptions at frequent intervals, as per the policy. The plan may also be subjected to review annually.
The notification also states what the BCP methodology should include.
A copy of the BCP approved by the Board may be forwarded to the RBI.

Visit Reserve Bank Of India Notification (Ref.RBI/2004-05/420, DBS.CO.IS Audit.No. 19/31.02.03/2004-05) for further information.

 
   The Federal Financial Institutions Examination Council (FFIEC) is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions. The FFIEC booklet provides guidance and examination procedures to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services.

Visit FFIEC for further information.

 
    On April 7, 2004, the Securities and Exchange Commission (SEC) approved rules proposed by National Association of Securities Dealers (NASD) and the New York Stock Exchange (NYSE) (File Nos. SR-NASD-2002-108 and SR NYSE-2002-35), which require NASD and NYSE members to develop business continuity plans that establish procedures relating to an emergency or significant business disruption. 
Visit http://www.sec.gov/news/press/2004-53.htm for further information.
 
 
 
  
  
  
 
  
 
 
 
  
 
 
 
 
  
 

 

Copyright © 2005 Nitin Khanapurkar. All rights reserved.