Business Continuity and Disaster Recovery Plans

By Jeff Wilk and Tim Buckler

Disaster Recovery Plans - ants on green leaves

Review Your Business Resiliency Strategy

While today’s businesses need to be ready to handle any sized disaster 100% of the time, it may only take one event to completely disrupt your business, or worse. Not even the most well-managed organization is exempt from the potential risks associated with even the smallest degree of business interruption. Undertaking a thorough review of your current business resiliency strategy is a must.

A comprehensive, strategic plan includes three components:

  1. Business Continuity Plan
  2. Disaster Recovery Plan
  3. Incidence Response Plan

While these terms are often used interchangeably and focus on the basic needs of keeping a business running in the case of a business disruption, they are not the same. Each one of these is different in its definition and development, has different situations which activates them, and focuses on unique aspects of action.

Business Continuity – Significant business disruptions that prevent employees from coming to the office or prevent them performing their duties. For example, a fire destroys an office building.

Disaster Recovery – Disasters that cause network infrastructure or data to become corrupted or unavailable. For example, a power surge knocks out a server.

Incidence Response – Network or security incidents that can result in unauthorized access, data compromise or data egress. For example, a phishing attack.

We often see clients with business continuity or disaster recovery plans that have only the most basic of components, and that are not customized to meet their specific needs. Oyster Consulting has extensive experience working with firms on their business resiliency. Our experts will collaborate with your team to establish the right overall plans customized to your business and provide guidance on how to activate that plan at the right time. Together, these can make all the difference with your firm’s ability to recover from a disruptive event at anytime, anywhere. 

Our process can take you through exercises including, but not limited to:

  • Current risk identification
  • Business impact analysis
  • 3rd party exposure
  • Key position and function identification
  • Geographic footprint considerations
  • Work from home policies and connectivity requirements
  • Adherence to regulatory mandates
  • Data protections
  • Recovery site, recovery time and recovery point identification
  • Response scripts, mock event testing and tabletop exercises
  • Internal and external communication template creation
  • Employee education

Oyster’s industry professionals have first-hand experience as firm leaders in business resilience strategy, development, and implementation. This includes incident/event management, technology infrastructure resilience and recovery, and operations management. Oyster understands how to help identify and prioritize critical activities and deliver testing plans to mitigate the impacts of business disruptions. Our solutions are practical and tailored to your firm’s business model.

About The Authors
Photo of Jeff Wilk

Jeffrey Wilk

Jeff Wilk started his career as an Advisor and has a strong track record of executive success in strategic planning and execution, business assessment, transformation and growth. Jeff was directly accountable for several mergers/acquisitions, product and digital platform transformations, patent-pending products, and operating model RFPs and overhauls, including delivering the industry’s first “Robo” platform.

Photo of Tim Buckler

Tim Buckler

Tim Buckler has spent 10 years in the financial services industry, with a focus on project management, cybersecurity, data analysis, and compliance. Tim’s experience includes project management support for clearing platform conversions, cybersecurity assessments, GDPR and CCPA assessments, performing 12b-1 Mutual Fund fees analysis for regulatory initiatives, and ownership changes for custodial IRA held annuities.