Over the last few days I've been reading about a number of interesting things around the state of the planet and how we should expect some major seismic activity. For example, some recent geological studies suggest some earthquake prone regions on the US' west coast are well overdue for a magnitude 9 quake that could cause a massive tsunami across the Pacific Ocean. Australians are moving into bushfire season and the tropics are getting into the time when floods are an issue. What are your disaster plans?
Most of the companies I've worked at and with tend to flick business continuity planning off to the IT team as that tends to be the team who can get systems up and running the fastest.
But the reality is business continuity, disaster recovery and system resilience plans are really about risk management and not IT.
Sure, some of the potential scenarios you need to consider do require the support of IT - think about cyber attacks or storage system failures for example - but not many of the plans I've seen over the years include planning for natural disasters.
If a major earthquake in the US produced a massive tsunami - like the Cascadia tsunami that hit Japan in 1700 which was caused by a massive quake in the United States - what might the impact here be?
With so many businesses being global. we need to think right along our supply chain and consider impacts of incidents in other countries, as well as onshore, in our business interruption scenario planning.
So, when was the last time you blew the dust of your BCP? Does it consider all sorts of incidents and not just IT ones? Does it look at your entire supply chain or just the systems inside your four walls? Is it time for an update?