This is Part 3 of how you, as a partner, reduce your personal risk around data security.
The point of a backup is to recover data and systems quickly and fully. If you don’t define what “quickly” and “fully” mean, someone else sets your firm’s standards.
That makes you and your firm vulnerable. Firms lose clients, reputations and even their entire business because they lose too much data or take too long to get operational after a problem.
This post helps senior partners plan ahead and avoid nasty surprises that make you look bad.
A major obstacle to partners setting recovery standards is that they and IT speak different languages. We IT-people love TLAs (Three Letter Acronyms). We bamboozle others with talk of RPO (Recovery Point Objective) and RTO (Recovery Time Objective). Don’t be distracted by these terms, you have two critical standards to set:
- How much data is reasonable to lose?
- How much downtime is acceptable to you?
If this is your first time thinking about these things the natural response is you don’t want any downtime and no data loss. When you realise how expensive that is, you’re happy to compromise. But not too much!
Here’s how to establish a clear recovery target, which you are confident you can hit:
- Write down your answers to the above two questions.
- Agree them with your board or equity partners.
Only senior managers are qualified to decide and balance your firm’s risk, reputation, costs, legal and moral obligations.
- Share them with your IT person. Get them to test and report back to show they are achievable (we covered that in our last post).
Getting standards, relevant to you, written down, agreed and tested are critical first steps for your disaster recovery and business continuity plan. You can build from there. Further decisions become quicker and easier. Starting a written plan proves to clients, professional and regulatory bodies that you take your legal and ethical responsibilities seriously.
The next post helps you tailor and improve your standards and plan. It has some crucial considerations for your plan. We want your firm to be unstoppable in the face of a disaster.
Call or email me if you need those details quicker (020 7572 0000, email@example.com)