(This is Part 3 of a multi-part blog examining the “4Ps” of Incident Management Framework)
The previous blog in this series focused on Planning. One of Planning’s critical outcomes should be identification of critical products and services – and what strategies are likely to successfully restore or resume each service. In their simplest terms, Plans are the implementation of those strategies.
- The goal of every plan should be the efficient and predictable resumption of a disrupted service.
- Plans should be a single source of reference for responders to act upon in response to any business disruption.
- Plans should be a concise, unambiguous sequence of tasks. During execution, individual tasks can be monitored for status and execution of the plan can be managed.
- Tasks should be documented, tested and approved.
- Plans should facilitate collaboration and foster dissemination of vital information to all interested stakeholders: Incident Managers, Recovery Teams, Product/Service owners, Business Process managers, and Executive managers (and anyone else appropriate).
- Plans should be reviewed & updated periodically to ensure that are both current and viable
Plan completion shouldn’t just be a checkbox on a BCM audit or standards list. A ‘standardized’ plan outline could make review and audit easier, but a fill-in-the-blanks form – or a checklist – will never be effective enough to assure a successful recovery.
Part 4 of this series will look at Incident Management Framework 3rd P – Preparedness.