Disaster Recovery 101

Written by Darren Buma, CPA, CA on Feb. 19, 2019

Disaster Recovery and Business Continuity Planning, are buzz words that can be seen and heard everywhere, and are on everyone’s to-do list, but as a practice these terms are commonly misunderstood.

There are a few areas that you should clearly define at the initial stages when thinking about your Information Technology and Services Disaster Recovery Plan (DRP). Firstly, set a scope for what your DRP will cover. There are a million “what-ifs” that could be explored but it’s wiser to plan for fire and flood before looking at what a Martian invasion could mean to your business.

Once the scope and severity of different scenarios are defined, you can prioritize systems based on factors such as what they will require for resources and your ability to survive with or without them during an interim period.

Finally, define how the restoration will happen and then simulate a given disaster scenario. This process will be on-going and permanent. As you add new systems, new locations, and new people you must continually test and refine your DRP. These components of planning will bridge into a larger Business Continuity Plan as your DRP matures and the scope of the plan develops.

In many organizations, the operations are automated and the business depends on technology to the point where IT services and operations are one and the same.

A server failure or component malfunction in the IT environment is just one possible disaster.

Typical initial planning on a Disaster Recovery Plan will focus solely on the redundancy of the server and network systems that the business currently uses. This planning is extremely important and should definitely be a high priority but this is not, in itself, a Disaster Recovery Plan.

A server failure or component malfunction in the IT environment is just one possible disaster. Having redundant servers, a backup device, and two Internet connections is little help when water rushes into the room that they are all stored in. This is where defining “disaster” begins. Flood, fire, theft (whether theft of physical IT components or theft of data), and electrical failure are common starting points and can serve as a mental exercise to understand what role IT plays in the business and what could potentially fail. When you define a recovery from a fire, it will mirror many potential scenarios where a disaster destroys your primary server location.

Once you’ve picked your list of disasters, you should try to assign a likelihood and severity to each. If your servers are running offsite at a location with fire suppression and secured access you might want to rate fire and theft as lower risk but if this same location has communications equipment in the basement, flood may be of a higher likelihood and severity. Verizon ran much of its fibre optic network in the basements of Manhattan towers and was severely impacted during Hurricane Sandy.

With a list of potential disasters, likelihoods and severities, you can start to look at prioritizing your varying IT services. Many businesses rely much more heavily on e-mail to function than they realize, and will want to make this a key recovery that is deliverable within hours of a disaster.

Being able to communicate with team members, vendors, and customers is even more critical during a disaster. This is a component that can be mitigated in advance by using services that route mail through offsite servers that can be accessed using a web browser when your primary e-mail server is offline. After e-mail is restored, it is likely you will want to look at what is required to restore your data and access to your primary business applications or your vital Enterprise Resource Planning (ERP) system.

Each firm will have unique requirements but it is much better to decide in advance which services are needed most. Having that debate in a chaotic environment after a disaster will not be effective at all.

continually test and refine your Disaster Recovery Plan

Getting this far is a big step but the most important thing of all is to continually test and refine your Disaster Recovery Plan. A simple fire simulation will expose key weaknesses in your plan and will prepare your key DRP stakeholders for their role in any future recovery efforts. Organizations have realized some very basic but critical flaws during simulations; in some cases, the DRP was a digital Word document and was stored on a server that was destroyed, and in other cases all the cell phone numbers for recovery team members were stored on the mail server that went offline. It’s a lot easier to laugh at and to rectify these mistakes when you find them in the aftermath of a simulated fire and not the real thing.

For any operation that doesn’t yet have a DRP, this can all seem like a lot of work without any immediate pay off, but the most important step in any plan is to just get started. Talk to your IT team or service provider and plan even just a single disaster scenario and take action on some of the deliverables you discover. Offsite backups or failover Cloud services can be small expenses when compared to the risk of your business being offline for days or weeks.

If you need more information or have any questions, feel free to contact us at 780.466.6204, or info@kwbllp.com.

Thanks to Darren Buma of KWB Chartered Accountants for providing much of this content.

Darren Buma, CPA, CA

Darren Buma, CPA, CA

Partner

Darren has a passion for small business and loves to work with both budding and experienced entrepreneurs. After articling with KPMG and receiving his Chartered Accountant designation, he left to explore the world of small business. What he was expecting to be a short exercise turned into nine years of excitement. During that time he helped to grow and operate a variety of private companies in both commercial real estate development and computer software development.

In 2004 Darren joined KWB so that he could have the best of both worlds, running a small entrepreneurial firm and being in a position to help entrepreneurs like you, grow your business and secure your future. He became a partner at KWB in 2007. His knowledge and advice isn't just academic, Darren lives the roller coaster of entrepreneurship that you ride every day.

Aside from his responsibilities at work, Darren is active in the community. He is a past Chair of the Edmonton Chapter of Financial Executives Canada, sits on the disciplinary tribunal roster for the Institute of Chartered Accountants of Alberta, and is active in minor hockey both as Treasurer for his local hockey association as well as coaching numerous hockey teams over the years.

Darren's Contact Information

Other Posts by Darren

Sep 10 2013
Economic Update on U.S Interest Rates

Are you interested in what is happening with interest rates in the U.S.? Here is a quick and easy to understand summary.

Jul 19 2013
Once in a Blue Moon

I recently read an excellent article about a rare economic occurrence that was happening this past June. To help you find out more about this rare economic occurrence, here is the full article prepared by Wealth Stewards Portfolio Management Inc. (WSPM)

Jun 26 2018
TFSA

If one of your New Year’s resolutions was to save more money, then the Tax-Free Savings Account (TFSA) may be a good option for you to use. Learn more about the TFSA rules and limits.

May 30 2017
RRSP Contribution Room

RRSP’s can be a simple concept but they are also governed by some complex rules. Learn more about how your annual contribution limits are calculated and what to do if you have over contributed.

Jul 27 2012
The Value of Advice

What is the value of advice? When it comes to portfolio management, the overall value of the advice can be measured by comparing the performance of one portfolio over another in a specific amount of time. However, when it comes to wealth management, the overall value of the advice discussed regularly with clients is much more difficult to measure. Read on to see some real life examples of the value of the advice given.

Apr 15 2014
2014 Tax Filing Deadline

We would like to remind our clients that for the majority of Canadians, your personal income tax returns normally need to be filed by April 30. If you haven’t already brought us the information we need to prepare your return, we would ask you to do so shortly. CRA has extended the filing and payment

Jun 24 2014
Online Backups - Keeping it simple

Do you know someone who has lost critical and precious information that was stored on their computer? Are there things on your computer that you don’t want to lose such as financial or business records or personal information like family photos? We live in a digital world and we don’t have hard copies of anything

Jul 15 2014
Guide for setting up your business

The following checklist has been prepared to assist you with the steps required and other points to consider when setting up your business. This checklist is not all encompassing, but one tool to help identify key issues that need to be addressed and considered. In addition, we recommend reading Canada Revenue Agency’s (CRA’s) guide "RC4070

Nov 4 2014
FACTA Bank Reporting Requirements

Beginning in July of 2014, Canadian financial institutions will be required to start gathering and reporting information on accounts held by U.S. residents and U.S. citizens, including those who are resident of Canada. The account information will be collected and reported to the Canada Revenue Agency (CRA), who will then transfer the information

Jun 18 2019
Principal Residence Exemption

If you have sold your home and it is your principal residence then you should be able to use the principal residence exemption to reduce or eliminate any capital gain for income tax purposes on the sale of the property. CRA states that a principal residence can be a house, cottage, condominium, apartment, trailer, mobile

Sep 15 2015
Chartered Professional Accountants: It’s all in the name

On July 31, 2015 legislation in Alberta came into effect that will govern all professional accountants under one organization and one brand:  Chartered Professional Accountants or CPA for short. Prior to this change, you would have found Chartered Accountants (CA’s), Certified Management Accountants (CMA’s) and Certified General Accountants (CGA’s) all practicing in Alberta.  Although

Jul 2 2019
New Business Guide for setting up your business

If you are starting a new business in Canada or are operating one already, then this article is for you. Types of business structures The type of structure you choose has a significant effect on the way you report your income, the type of returns you file each year, and many other matters. The three

May 14 2019
Registered Education Savings Plan (RESP)

An RESP is an education savings account that is registered with the Government of Canada that helps you save for a child’s or grandchild's post-secondary education. With an RESP, you may be able to receive other saving incentives, such as the: Canada Learning Bond Basic and Additional Canada Education Savings Grant There are two different types

Oct 9 2018
Strategic Planning

What if you knew the impact of an important decision before you made it? Could you and your business benefit from this “what if” strategic planning? You would be able to look at the potential outcome and financial impact of business decisions before they are made. At KWB we use software called Profit Driver to

Apr 30 2019
Dividends

What’s the difference between eligible and non-eligible dividends?  What are the implications to you? Dividends are payments made to shareholders to allocate the earnings of a corporation.   There are two types of taxable dividends that a corporation can issue, non-eligible and eligible. non-eligible dividends are taxed at approximately 10% more than an eligible