Disaster Threat Analysis
Disaster threat analysis is the disaster recovery task during which the threats posed by potential disasters are analyzed.
The typical objectives of disaster threat analysis are
to:
- Identify potential levels and types of disasters.
- Analyze the probability of occurrence of potential
disasters.
- Analyze the potential negative impacts of potential
disasters.
- Document the results of the analysis of potential
disasters.
Disaster threat analysis can begin when the following
preconditions hold:
Disaster threat analysis is complete when the following
postconditions hold:
- All planned disaster threat analysis steps have been
performed.
- The disaster threat analysis section of the disaster
recovery plan is completed and has passed inspection.
Disaster threat analysis typically involves the
disaster recovery team performing the following steps in an
incremental, iterative, parallel, and time-boxed manner:
- Define Disaster. Formally define the meaning
of the term disaster for the current endeavor. For example:
"A disaster is any incident or event that results in a
major (multi-day) interruption of operations at one or more
of the contact or data centers. For disruptions in service
that affect only a portion of systems or operations at any
one contact or data center, only a subset of the full
recovery procedures will likely be used to restore normal
operations. However, a catastrophic disaster would render the
center(s) incapable of conducting critical functions for an
extended period of time."
- Disaster Level. Determine the different
levels of disaster based on their impact, probability of
occurrence, and/or how they will be handled. For example:
- Limited Disaster.
A limited disaster is characterized by limited or
isolated damage to a part of a contact or data center that
is sufficient to have disabled, or to disable, it,
partially or completely, for a period of 24 hours.
- Moderate Disaster.
A moderate disaster is characterized by severe damage
to the entire contact or data center, thereby temporarily
prohibiting the performance of all user support or
operations tasks. It requires either temporary allocation
of the workload to other existing sites or else temporary
transfer to a hot-backup site until the facility can be
repaired. However, no cold backup site is required because
of the limited time required to put the affected site back into
full operation.
- Catastrophic Disaster.
A catastrophic disaster is characterized by complete
destruction of a contact or data center. Because the center
is a total loss and needs to be completely rebuilt or
replaced, it requires either temporary allocation of the
workload to other existing sites or else temporary
transfer to either a hot or cold-backup site.
- Disaster Types. Identify the potential types
of disaster including:
- Natural Disasters:
- Earthquake.
- Fire.
- Flood.
- Major storms such as tornadoes and hurricanes.
- Mudslide.
- Blizzard.
- Man-Made Disasters:
- Loss of electrical power (e.g., power brownouts and
blackouts, accidental cutting of power cables).
- Loss of cooling.
- Loss of network connectivity.
- Loss of telephone service (e.g., accidental cutting
of telephone lines).
- Hardware component failure.
- Failure of physical security.
- Loss of required staffing (e.g., evacuation,
strike, or sick-out).
- Sabotage.
- Bomb threat.
- Hacker attacks.
- Water or sewer line breaks.
- Flooding or roof cave-in due to plumbing
problem.
- Probability. For each type of disaster,
determine its probability of occurrence.
- Impact. For each type of disaster, determine
its potential impact (e.g., in terms of loss of service,
facilities, equipment, software, and data).
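The level, probability and impact steps above can be carried through as a small threat register. The following is an added worked example, not code from the page or from any disaster recovery framework: it takes disaster types from the lists above, classifies each by the three levels defined earlier (by how much of the site it takes out), scores it by probability times expected downtime, and ranks the result. The Threat class, the 48-hour cut-off for "multi-day", and every probability and downtime figure are constructed assumptions for illustration.

```python
"""Worked disaster threat register: classify each potential disaster by level,
score it by probability x impact, and rank the result.

Threat names come from the page's disaster-type lists; the probabilities,
downtime figures and thresholds are constructed assumptions for illustration.
"""
from dataclasses import dataclass

# The page defines a disaster as a "major (multi-day)" interruption; the
# 48-hour cut-off is an assumption used to make that concrete.
MULTI_DAY_HOURS = 48

# Recovery posture per level, paraphrased from the level definitions above.
STRATEGY = {
    "limited": "restore the affected part of the site in place",
    "moderate": "reallocate workload to other sites or fail over to a hot backup site",
    "catastrophic": "rebuild/replace; run from a hot or cold backup site meanwhile",
}


@dataclass(frozen=True)
class Threat:
    name: str                  # type of disaster (from the page's lists)
    category: str              # "natural" or "man-made"
    annual_probability: float  # estimated chance of at least one occurrence per year (assumed)
    downtime_hours: float      # expected interruption if it occurs (assumed)
    site_scope: str            # "partial", "whole" or "destroyed"


def classify_level(t: Threat) -> str:
    """Map a threat to the page's three levels by how much of the site it disables."""
    if t.site_scope == "destroyed":
        return "catastrophic"   # total loss of the center
    if t.site_scope == "whole":
        return "moderate"       # entire center down, but repairable
    return "limited"            # isolated damage to part of the center


def is_disaster(t: Threat) -> bool:
    """Does the event meet the formal definition (multi-day interruption)?"""
    return t.downtime_hours >= MULTI_DAY_HOURS


def expected_downtime(t: Threat) -> float:
    """Probability x impact, expressed as expected hours of outage per year."""
    return t.annual_probability * t.downtime_hours


def rank_threats(register):
    """Return the register ordered from highest to lowest expected downtime."""
    return sorted(register, key=expected_downtime, reverse=True)


def summarize(register):
    """One line per threat, suitable for the threat-analysis section of the plan."""
    rows = []
    for t in rank_threats(register):
        level = classify_level(t)
        kind = "disaster" if is_disaster(t) else "incident"
        rows.append(f"{t.name:<28}{t.category:<10}{level:<13}"
                    f"{expected_downtime(t):>6.1f} h/yr  {kind:<9}"
                    f"-> {STRATEGY[level]}")
    return rows


# Constructed sample register (all numbers are illustrative assumptions).
REGISTER = [
    Threat("Earthquake", "natural", 0.02, 720, "destroyed"),
    Threat("Flood", "natural", 0.05, 96, "whole"),
    Threat("Loss of cooling", "man-made", 0.20, 18, "whole"),
    Threat("Hardware component failure", "man-made", 0.80, 4, "partial"),
    Threat("Loss of electrical power", "man-made", 0.50, 6, "partial"),
]

if __name__ == "__main__":
    for line in summarize(REGISTER):
        print(line)
```

The ranking shows why probability and impact are analyzed separately: the rare earthquake dominates the expected-downtime ranking, while the frequent but short power and hardware events never meet the multi-day definition of a disaster and are handled as incidents under the limited-disaster posture.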
Disaster threat analysis can typically be performed using
the following techniques:
- Interviews with subject matter experts.
- Reuse of the results of previous disaster threat
analyses.
Disaster threat analysis typically results in the production
of all or part of the following work products:
- The disaster threat analysis sections of the:
- Perform this task in coordination with relevant risk
management, safety engineering, and security engineering
tasks.