"Disaster recovery" and "business continuity" are misnomers, it turns out. This is according to Intel Corp., which has set up a complex internal system of ongoing business continuity planning that renders disaster recovery more like business as usual.
Speaking at this week's World Conference on Disaster Management, Intel business continuity manager Kathryn Dornfeld laid out the company's dizzyingly evolved ecosystem of disaster-planning teams, including emergency response teams, emergency operations centers, issue-prevention management teams and crisis-management teams.
The corporate emergency operations center meets virtually and is embedded within the company structure. The site emergency operations centers are responsible for managing their own operations and on-site issues during crises and during planning for emergencies, according to Dornfeld.
To achieve optimal awareness throughout a company, she said, it's important to spread the word about safety initiatives. This includes Web-based course management, training and hundreds of part-time "business-continuity champions" who help manage on-site awareness.
Donald Lum, a program coordinator at Ontario Power Generation Inc.'s dam safety and emergency preparedness division, said that his company works hard on awareness training. "We run drills and engage the first responders," said Lum.
Executive support is also important for full business-continuity implementation. Intel uses dashboards to keep them apprised, she said.
"IT managers need to establish a relationship with management," said Eric Holdeman, a principal at consultancy ICF International Inc.
Program assessment also makes sure that executives are up to speed and making business continuity an ongoing effort rather than one triggered by a disaster. Dornfeld cited a supply chain example in which where Intel plotted out alternate routes and suppliers in case of emergency. "Instead of us having to react in a short amount of time, we go to them, rather than having to wait for them to call us and tell us there's a problem," she said.
Focusing on business impacts -- rather than threats -- is the best route, Dornfeld said. "Talk to senior management about critical business functions so that you can do your risk and impact assessment. Focus on the things they'll relate to, like cost and operational downtime," she said. "You need to support them, not tell them what to do."
Keeping the risk impact assessment fresh and reflective of social, economic and other disasters is also important. "You need to evaluate change and see what could influence the outcome," said Dornfeld.
According to Lum, "You're always learning new things."
And when it comes to run-throughs, the more the better. Intel ran around 600 recovery drills last year, and the company often runs joint drills with local rescue personnel such as fire, police and disease control. "This is important, as we sometimes found that the way we thought we would be doing things didn't mesh with what they'd do in an emergency," Dornfeld said.
The Chengdu earthquake was a recent example of having to put such plans in action. Intel's operations were able to run smoothly because they were moved temporarily to Malaysia and to other locations in China to keep everything on track, as planned.
More human issues often come into play, too, and Intel plans for them. According to Dornfeld, a designated nap room was set up for sleep-deprived earthquake victims, along with "Camp Intel," a work-based shelter for earthquake victims and their families.
Alternative work sites have been set up during typhoons (the Philippines), floods (Washington), riots (India), fire (Vietnam) and bombings (Israel), perhaps even creating a new task for IT managers who will be called upon to set up off-site operations, complete with networking and authentication.
"Could you work with only 40% of your staff?" asked Dornfeld, pointing out that many people are often unavailable during an emergency, and that skeleton staff operability should be a part of any plan. For an IT department, she said, this could mean extra attention to staffing patterns, since in an emergency, IT infrastructure is considered critical and more IT staffers could be required to be on-site -- or at least prepared.
This story, "Intel: Disasters can be 'business as usual' with enough planning" was originally published by ComputerWorld-Canada.