Over the years, many of our customers have asked us about the most important items to consider when creating a disaster recovery plan and selecting a vendor to carry out the plan should a business disruption occur. Most companies use a team approach to develop their disaster recovery plan. When it comes to selecting a print-to-mail critical communications vendor, some combination of risk management, procurement, IT and finance teams are usually tasked with creating the plan and often use an RFP process to select a vendor. However, we often see plans and RFPs that overlook or undervalue a number of critical factors.
To avoid disaster with your process, we’ve developed a disaster recovery planning checklist to help teams adequately assess key qualifications for a print-to-mail disaster recovery partner. Experience, facilities, security, quality, testing and implementation procedures are all elements that should be evaluated during the review process.
You can download our full disaster recovery plan checklist here, but today we wanted to cover a few of the most important evaluation factors.
Is print and mail disaster recovery the vendor’s primary business? Too often companies who don’t specialize or even have knowledge in disaster recovery and business continuity are invited into the RFP process. If the company is more of a commercial printer who claims to handle overflow work when necessary, it’s likely they won’t have the protocols and procedures in place to handle your declaration event. They also may not make your work their number one priority and move it ahead of the other jobs in their queue.
What is the location of the primary site to be used to support print–to-mail services in the event of a declared disaster? Working with a local vendor is great for a number of projects – disaster recovery isn’t one of them. If a tornado, flood, massive snow storm or major power outage strikes your location, a local recovery partner will probably be overwhelmed too. They should not be located within your general vicinity, or should have other facilities not in that region.
Does your prospective vendor have a disaster recovery and business continuity plan for their recovery facilities? Not only does this prove they take disaster recovery as seriously as you do, it ensures your critical documents can be printed and mailed if something were to happen at their facility.
Does the vendor meet your stringent data security and quality control policies? If they will be printing and mailing confidential documents on your behalf you will want to be certain they can meet your security requirements. Be sure to ask if they are certified in areas such as PCI (Payment Card Industry), HIPAA and ISO 27001: 2005.
Do they have references for clients who have actually used their services for a declaration event? If they don’t have appropriate references, they may not have the disaster recovery focus you need for your critical communications. Simply put, you can’t afford to be a recovery vendor’s guinea pig.
These are just a few of the factors we’ve taken into account to develop our disaster recovery planning checklist. In our opinion, if a vendor answers “no” to two or more of the questions, you should cross them off the list of candidates. When a disaster strikes, the last thing you’ll want to deal with is a surprise call from your vendor explaining that they’re not prepared to print and mail your critical documents.
Subscribe to SpeakingDIRECT to have new articles delivered to your inbox as they post. We promise to keep it fresh and interesting.