Manage disaster recovery plans to achieve business continuity
Overview
This NOS sets out the skills, knowledge and understanding for you to manage disaster recovery plans to achieve business continuity.
This NOS covers the following activities:
Plan and prepare for disaster recovery activities
Manage disaster recovery
Performance criteria
You must be able to:
Plan and prepare for disaster recovery activities
- make sure you know the location of the of the disaster recovery plan at all times
- make sure the disaster recovery plan with which you are working is up to date
- make sure training and testing of staff to carry out action plans for crises and disasters takes place at regular intervals
- simulate realistic systems or equipment failure to assess emergency response of staff
- check casualty, counselling and rehabilitation strategies are in place for when necessary
- check suppliers and locations are in place for the maintenance of business critical functions
- agree data recovery processes with relevant people
- review action plans at regular intervals, amending as necessary
- maintain confidentiality and security of information relating to disaster recovery strategy in line with organisational processes
- identify suitable sufficient resources to support your disaster recovery strategy
Manage disaster recovery
- identify threats that could cause disruption to business continuity
- assess the risk to service delivery based on valid reliable and current information and data
- develop a proposed disaster recovery strategy commensurate with identified threat and risk
- balance proposed disaster recovery strategy with your operational requirements
- make sure the scope of threat to the organisation and the limitations of the disaster recovery strategy are understood by appropriate persons
- determine suitable sufficient resources to support your disaster recovery strategy
Knowledge and Understanding
You need to know and understand:
1. current relevant legislation, regulations, codes of practice, standards and guidelines relating to your role
2. current organisational information protection procedures and measures
3. the organisation's business objectives
4. the content of the disaster recovery plan
5. how to check the currency and relevance of the disaster recovery plan
6. who is responsible for updating the disaster recovery plan
7. why it is important to ensure the continuation of business services
8. the emergency business recovery procedures for CCTV
9. how and when to activate the business recovery strategy
10. how and who to contact following system or equipment failure
11. how and why it is important to carry out evacuation, invacuation and relocation drills on a regular basis
12. how and why it is important to ensure regular training and testing of staff
13. the limitations of your role and your responsibilities regarding disaster management
14. how and with who to agree data recovery processes
15. how and why you should carry out regular review of action plans
16. how to establish suppliers and locations to maintain the business critical functions
17. recording and reporting requirements
18. how and why it is important to identify threats that could cause disruption to business critical functions
19. how and why it is important to assess the risk to business continuity
20. why you should develop and balance a proposed disaster recovery strategy against your operational requirements
21. individual roles, responsibilities and abilities of yourself and team members and how to plan for succession
22. how and with who to agree a plan of action
23. how and why you should maintain the security and confidentiality of information
24. what action to take if you suspect a breach of security
25. how and why it is important to maintain confidentiality and security of information relating to disaster recovery strategies