Business continuity, or business closure?
Global IT outages, cyberattacks, and even powercuts can cause serious problems for businesses. Depending on the severity of the incident, businesses can lose huge amounts of money, severely damage reputation, or even face bankcruptcy.
Disasters and emergencies can't be predicted, but you can plan for the worst. Audits are there to consider the absolute worst case scenario, and suggest ways in which you can plan for that situation.
It feels like it's all doom and gloom - but you either plan for the worst, or you face the consequences.
What is the purpose of a Disaster Readiness Audit?
Disaster recovery is like having house or car insurance. You don't plan on using it, but you're relieved you have it when things don't go as intended.
Essentially, a disaster readiness audit looks at your systems and processes, and makes suggestions to ensure you've got things in place in case things go wrong.
Why bother with Disaster Recovery Plans?
Technology disasters go down in history. Some have such a significant impact, that they're remembered for years.
In 2011 a rare tech disaster occured - pretty much the whole of Armenia was taken offline. It turns out a 75-year-old woman was digging for scrap metal and cut off connectivity across the whole country. It seems like a comical event now, but to think a whole country can go offline is unnerving.
The Dyn cyberattack of 2016 affected global companies like Airbnb, BBC, Netflix and Twitter. It's thought to be the largest DDoS attack in history, and hundreds of popular websites were offline for hours.
In 2017, British Airways left thousands of passengers stranded due to a power supply being accidentally turned off at a data centre. This lead to server damage and a power surge. The entire fleet of planes were grounded, and there was catastrophic damage to the airline's finances and reputation.
Also in 2017, the WannaCry ransomware attack targeted PC's running on Microsoft's Windows operating system. The culprits even demanded ransom payments in the form of Bitcoin cryptocurrency. The impact of this attack spread across more than 150 countries.
More recently, CrowdStrike caused a huge global IT outage through a software update which impacted the London Stock Exchange, several airlines, and even news services. It's thought to be the biggest tech disaster since the WannaCry attack.
What’s involved in the process?
The typical audit process includes the following steps:
Planning and scoping
The first step in the audit process is to plan and scope the desired outcomes. We review a company’s network architecture, data security, disaster recovery plan, and other aspects of its IT infrastructure.
Gathering information
Once the objectives and scope of the audit have been set, the next step is to gather information. We complete this through interviews with key personnel, document review, and observation.
Evaluating results
Once the information has been collected, we evaluate against the objectives and scope of the audit. Here we identify any risks or vulnerabilities and opportunities for improvement.
Reporting
The final step in the process is to report the audit results. This report will generally include a summary of the findings and recommendations for improvement.
Interested in our Disaster Readiness Audit?
If you’re interested in a free, no-obligation review, complete the form and a member of the team will be in touch to listen to your problems and arrange your free audit.
