What is it ?

• Risk reduction by designing a recovery capability into each service.
     o At the site level facilitate an alternate building
     o At the server level facilitate High Availability
     o At the human level facilitate multiple heads per skill

• Analysis of resources to highlight existing Single Points of Failure
     o An alternate data path from each end user to each application
     o More than one support staff for each path and application
     o A tested and verified back-up source of data

• A requirement for resilience as part of the development cycle
     o Based in the BIA requirement
     o Resilience intrinsic to the design and build of the application
     o The requirement is included with the development budget

How does it work ?
• Avoid Single-Points of Failure (SPoF) in new services
• Seek out and eliminate SPoF in existing services
• Apply SPoF rules to vendor products and services

Blunder points ?
• Assuming resources are safe and available through time
• Regarding resilience as a design afterthought
• Thinking service providers think as you do

What next ?
Disaster Recovery Planning and Rehearsal