UNDER Murphy's Law, anything that can go wrong will. Electronic data processing (EDP) managers probably appreciate this more than any other professional. The more a system is used, the greater the chance the system will be off-line. This, in turn, will add to the possibilities of a disaster eventually occurring. Therefore, it is vital that EDP managers take steps to lessen the chance of a disaster occurring by having practices that contain such possibilities and stop them from escalating. They should also introduce policies that enable their organisations to minimise the effect of a computer disaster and recover in a short space of time. Much can be achieved to promote disaster avoidance if the correct approach is taken to both emergency and safety procedures. When a computer disaster occurs (due to fire, explosion, flooding or other factors), emergency procedures should be accompanied by actions to lessen the impact. On the sounding of an alarm, all staff should return exchangeable disks to secure storage. Equipment should be powered down and protected where possible. Mainframes should be covered with plastic sheeting to prevent possible water damage from fire-fighting and flooding. Air-conditioning systems should be shut down to prevent the spread of fire. Site location is also an important factor in avoiding computer disasters. More than 50 per cent of computer disasters are the result of environmental factors. It is, therefore, beneficial to have a purpose-built site for information technology (IT) activities. Such a site should be separate from other business activities and non-IT personnel. Environmental controls such as air-conditioning and water supply must be completely separated. Access to IT sites should also be limited. One important aspect which is often overlooked when locating a major IT site is the neighbours. Having full knowledge of the activities of neighbouring companies and social conditions of the location is important. For example, neighbourhoods with high vandalism or burglary are not suitable for sophisticated computer installations. Installing such equipment in locations higher than five storeys, or in basements, is also not recommended. When electricity is cut, lifts stop working. This makes the removal of computer disks and staff difficult - even impossible in some situations. Fire fighting is also difficult over five storeys and basements are susceptible to flooding. Backing up off-site is perhaps the best known way of minimising the effect of a computer disaster. However, not all organisations perform off-site backup effectively. Solid off-site back-up practices include: A records retention policy for all critical assets: data, documentation, programs, wish lists, and the like. Regular checking of daily backup procedures, for example checklists. Ensuring backups are removed off-site as per policy - the key to successful recovery is data. Use of professionally made cabinets or safes. Keeping cabinet or safe doors closed and locked. Ensuring rotation cycles are adhered to and data is transferred in boxes, preferably colour coded by type or application. Even when an organisation's main computer facilities are totally destroyed, a standby facility at another location can be loaded up with backup data and brought on-line within a day or two. The options for obtaining standby facilities include reciprocal arrangement with another user, ''warm''-start centres and ''hot''-start centres, both external and internal. While the reciprocal approach to standby facilities is inexpensive, it offers many security concerns and the risk of denial of service when a disaster actually happens. A warm-start centre is, basically, a computer room that is available for a given period of time. When a disaster occurs, backup data is loaded on to the systems. A hot-start centre offers a total solution of hardware and ancillary services.