6 scenarios for business continuity plan testing

6 scenarios for business continuity plan testing

Does your plan hold up in a real-world disaster?

November 11, 2019

Formulating a business continuity plan (BCP) is only half the battle. A solid BC strategy needs more than just a well-laid out theory. However, how does your plan hold up in a real-world disaster?

Agility Recovery, a CUNA Strategic Services provider, offers six business continuity plan testing scenarios that will prepare your technologies and teams for the unexpected.

1. Data Loss/Breach.  Data is mission-critical for any company, and losing it can have many serious consequences, such as significantly impacting sales and logistics applications.

The goal is to regain access to that data as soon as possible. Restoring backup is the solution. However, who’s responsible for that? What’s the communication plan in this case? What are the priorities? Who needs to be contacted right away? Are there any vendors involved?

2. Data Recovery. In this scenario, you need to make sure your BCDR systems work like clock-work. To do that, run a test that involves losing a bulk of data, and then try to recover it.

Some of the elements you’ll need to evaluate will include your RTO, and whether your team met its objectives. Besides, was there any damage to the files during recovery? If your backup was stored in the cloud, did you come across any issues?

3. Power Outage. Let’s imagine there was a power outage due to a recent storm. The utility company reported that the power wouldn’t be back up for a few days. What do you do?

First off, your incident response team needs to coordinate among themselves and communicate with the rest of the company.

  • How will you notify your workforce about the incident? Who’s expected to come in the office, and who’s able to work remotely?
  • Which departments get affected the most and thus need immediate relief (e.g., accounting, logistics)?
  • Do you have a backup power generator? Do you or anyone on the team know how to use it?
  • Do you have an arranged office or mobile recovery location?

Answers to these questions must be covered in your BCP. And running a test will give a confirmation that everyone’s on the same page.

4. Network Outage. Power outage inevitably leads to a network outage. However, network outages can happen with electricity still being on, and they could last indefinitely. In such scenarios, many businesses rely on a work from home strategy that isn’t reliable for an extended period of time. When working from home, many employees have various distractions that affect their productivity.

So, during your test, verify the following points:

  • Does everyone have access to their work systems?
  • Is everyone aware of the security measures to take while working remotely (VPN, safe network connection, etc.)?
  • What is the plan for network restoration?

Answers to these questions also need to be specified in your business continuity plan.

5. Physical disruption. One of the most critical company-wide drill that must be completed annually. There may already be a local fire code compliance in your area, but if not, it’s vital to conduct a fire drill regardless.

Similar to a fire drill, you can test response to other situations, like natural disasters (e.g., earthquake, tornadoes, storms) or other critical situations (active shooter, bomb threat, etc.). These exercises will help familiarize everyone with emergency procedures and safety steps to take.

6. Emergency Communication. Being able to communicate during a disaster or an emergency can provide a lifeline. Yet, the most disruptive events—hurricanes, floods, tornadoes—are very likely to leave you with no traditional means of staying in contact.