Business continuity disaster recovery plans

Procedures and plans supporting business continuity (Disaster Recovery Plans and Contingency Plans) must be specified, tested, and approved before the system is approved for use. Business Continuity Plans will normally be prepared for a business or an operational area rather than for individual computer systems. It is likely that the only way to verify the plan is to walk through a variety of disaster scenarios. Topics for consideration should include catastrophic hardware and software failures, fire/flood/lightning strikes, and security breaches. Alternative means of operation must be available in case of failure if critical data is required at short notice (e.g., in case of drug product recalls). Reference to verification of the Business Continuity Plans is appropriate during OQ/PQ. 

Business Continuity Planning (Disaster Recovery) A disaster recovery plan should be in place to ensure the continued operation of the laboratory in case of an adverse event that renders the instrument out of commission and hence causes interruption to the business processes which the system supports. Adverse events like the failure of the critical hardware components of the instrument and the failure of the application software do happen in the day-to-day operation of a laboratory. The disaster recovery plan should provide the necessary steps to restore the systems back to a functional state. The steps typically include instructions to reinstall the application software to the personal computer controlling the instrument, to reconfigure the instrument, and to restore the backup data to the instrument. 

Business Continuity Plans are sometimes referred to as Disaster Recovery Plans or Contingency Plans. There are two basic scenarios ... 

Servers should be located in secure locations subject to appropriate environmental controls and protected against risks of flooding, fire, etc. Business Continuity Plans and Disaster Recovery Plans should be in place to manage catastrophic events. Such plans should be periodically tested. 

Disaster recovery plan Business continuity plan... 

Business Continuity Plans cover both Contingency Plans and Disaster Recovery Plans. 

Definition of the measures to be taken to allow an operation or process to continue as associated computer systems become unavailable. Sometimes known as a Business Continuity Plan or Disaster Recovery Plan. 

Business Continuity Plans define how significant unplanned disruption to business operations (sometimes referred to as disasters) can be managed to enable the system recovery and business to resume. Disruptions may occur as a result of loss of data or outage of all or part of the computer system s functionality. The range of circumstances causing disruption can range from accidental deletion of a single data file to the loss of an entire data center from, for instance, fire. 

Problem reporting and resolution Software errors and maintenance Backup and recovery of data Archive and restoration of data Maintenance of hardware Disaster recovery (business continuity planning)... 

Do disaster recovery/business continuity plans exist for this platform/network/architecture 11.10(a) 11.10(c)... 

Disaster Recovery and Contingency Plans Business continuity... 

Clear and proper procedures must be in place for using the system (procedures and/or user manual), backup and restoration, periodic evaluation, maintenance and problem management, safety and security, training. Disaster Recovery and Contingency Plans, business continuity, change control, and system retirement. 

Healthcare organisations need to have business continuity plans in place and hosting organisations need tried and tested disaster recovery strategies. The existence of these plans and policies can be used to support the safety case. 

Maintaining Security Level during Operations (includes Maintenance, Change Management and Incident Handling), Disaster Recovery and Business Continuity Planning). This is a critical issue in context of safety certification Security outlives rather quick its life time, so frequent updates are necessary - quite opposite to what safety people want, to avoid re-assessment and re-certification ... 

---