When something happens to your data center, is everyone in the company aware of who can declare a disaster? Many employees within an organization have a misconception about who has the authority to declare that a disaster has occurred such that your company’s DR policy and recovery of the data center should be put into action.
The information around who declares a disaster should be clearly defined within your DR Policy as well as the Business Continuity Management Policy. But, does having the information stored within a policy provide enough information to the rest of the organization so that a process can be followed? Sometimes, through no fault of the DR Manager nor that of the Business Continuity Manager, all individuals, even up to senior level or c-level leaders may not know what is in the DR or BCM Policies. This could occur when new people come into an organization and have not consumed that information, or changes are made to policies and everyone has not yet been updated.
However, many organizations may not have the best method to deliver this message to everyone within the organization. With that being said, the first order of business is to make sure that whoever can declare a disaster is clearly spelled out in both policies and that those individuals are made aware of the process.
Many times, when an issue comes up, such as a loss of a set of servers or an Emergency Power Off (EPO) event occurs where someone presses the red button in the data center by mistake, certain individuals will automatically call for a disaster to be declared. Many of these individuals will not have knowledge about the process of declaring a disaster, nor what should go into determining whether a disaster should even be declared, but will remain vocal about having the declaration made.
These are the times when it is vital that a solid process is in place and the DR and BCM policies have been updated to include this information. Instead of having people within the organization attempting to get their way, thinking that it is the right way, being able to point them to these policies and processes can save large amounts of time and meetings discussing why you haven’t already declared a disaster. Especially when you are probably not the one who can declare the disaster.
One thing to remember throughout this, though, is that no matter who is responsible for declaring the disaster, it is essential that the DR team is a part of the process. Many organizations will decide the CEO, COO, or maybe the CIO are part of the team responsible for declaring the disaster. However, without input from the DR professionals that were hired to help make those decisions, the declaration may be completely without merit. Take the EPO example; shutting off power to a data center does not necessarily constitute a disaster. Therefore, including the DR professionals in the conversation can help steer those making the decision about declaring a disaster in the right direction.
I will talk more about creating a document on defining a disaster in a future post. But, first, getting people to understand who can even declare the disaster is important within any organization employing a DR process.
