Which of the following statements is useful while drafting a disaster recovery plan
In today’s digital world, technology disruption for even a few hours can result in significant financial consequences to your business. According to Gartner, the average cost of IT downtime is $5,600 per minute. (That’s more than $300,000 per hour!) For large organizations, that number tops half a million dollars. Show
It’s no wonder that having a well-designed and effectively maintained disaster recovery plan in place will substantially increase your ability to recover lost data and return to normal operations as quickly as possible. So, let’s look at strategies for developing a disaster recovery plan that will protect your organization. (This article is part of our Security & Compliance Guide. Use the right-hand menu to navigate.) Business Continuity Planning vs Disaster Recovery Planning:Business continuity planning (BCP) and disaster recovery planning (DRP) are sometimes used interchangeably. And while they are interconnected, the two are different concepts:
(Compare business continuity to business resiliency.) When crafting the right disaster recovery plan for your business, it’s important to first assess the goals you’d like the plan to accomplish. The purpose of the DR plan is to protect users and the business from financial, legal, privacy and security related repercussions of a disaster incident. Let’s look at the key reasons to plan for disaster recovery. Mitigating riskTo contain the extent and scope of the disaster impact. Conduct a thorough risk assessment and evaluate various targets. Design the DR plan to isolate mission-critical systems and streamline the risk mitigation and remediation pipeline. Reducing disruptionsService availability is critical to business success. A primary goal of a DR plan is to ensure that systems return to normal and optimal performance soon after downtime. Metrics such as Mean Time to Recovery (MTTR) should be optimized within disaster recovery planning. Reducing economic impactPrioritize MTTR of IT assets based on the perceived business value. An optimal disaster recovery strategy is focused on:
Preparing for disastersGetting ready for disasters waiting to happen. Cyberattacks are getting more sophisticated by the day—which means you can always improve your ability to handle the next wave of security threats. Understanding cybersecurity postureCybersecurity is hard. It is time and resource intensive. You need to:
It’s also important to neither overestimate nor underestimate your cybersecurity strength. Understanding your cybersecurity posture helps optimally allocate resources to prepare for and respond to disaster incidents when needed. Achieving regulatory complianceOrganizations should be well prepared in adapting to the changing regulatory environment. A disaster recovery plan should be a part of the compliance strategy as it alleviates risk and provides a systematic approach to recover from disaster situations. Critically, compliance is mandatory for organizations in certain industries, including:
(Understand governance, risk & compliance, known as GRC.) Maintaining brand loyalty, reputation & user trustInternet users today are increasingly aware of their rights to data security, privacy, and control. A DR plan ensures that your users maintain access to their data even when disaster strikes. As a result, service providers maintain trust and brand loyalty necessary to survive the competitive Internet market landscape. Who creates the Disaster Recovery Plan?Now let’s look at creating the plan itself. Before you begin mapping out your DRP, it’s important to have the right people in place to lead the charge. To this end, establish a disaster recovery plan committee which includes key decision makers from across the entire organization:
Collectively, these individuals will be responsible for outlining, implementing, testing, and maintaining the disaster recovery plan. How to create a Disaster Recovery PlanA disaster recovery plan can include an exhaustive set of actionable guidelines for all employees responding to a disaster situation that may impact corporate IT networks and systems. The Disaster Recovery Planning (DRP) document is your roadmap to implementation—as such, you should update it regularly and store it a safe, accessible storage location in event of emergency. (If it’s in the cloud, but your internet is down, how can you access it?) You can follow a Disaster Recovery Planning document template given below to ensure that your workforce can easily understand and adopt the systematic actionable guidelines to protect against disasters: Step 1: Define goalsIdentify your business goals. Associate a business value to your services, systems, departments and organizational functions, and how IT availability impacts various business operations. Step 2: Define responsibilitiesWho is in charge of what? Develop an organizational chart and define the responsibility of each individual involved in executing a DR plan. Step 3: Prioritize application assetsIdentify critical applications and assets. Focus your DR efforts in order of priority based on business value, user impact, legal requirements, ease of recovery, and other applicable factors. Step 4: Describe asset detailsMaintain an exhaustive directory providing details on every asset including vendor details, models and serial number, cost, number, and other relevant details. Step 5: Define backup planDescribe the frequency and schedule of backups. Different libraries and directory objects may be processed for backup at different schedules and volumes based on data storage and transfer cost, speed, business, and legal value. Step 6: Define recovery procedureDefine actionable guidelines focused on three key elements:
Step 7: Plan for mobile & hot sitesEstablish alternative (hot) and mobile facilities to handle the DR operations while the home site is reestablished. This is particularly useful when physical disasters are involved. Step 8: Establish restoration guidelines & frameworkAs the data is recovered from backup sites, how to reestablish the original site, systems, and operations to an optimal state. Step 9: Test, test, testThoroughly test and evaluate your DR plan. Perform DR drills and training sessions to prepare your workforce for potential emergency situations. Step 10: Continual ImprovementContinuously assess, improve and update your DR plan. Keep your records and procedure up to date with respect to risks and resources available to the organization. Time is critical for disaster recoveryIf your organization hasn’t created a disaster recovery plan or hasn’t made it a priority to maintain or improve upon it, then time is of the essence. No business can afford to have an ineffective response to unforeseen circumstances, and once a disaster occurs it’s too late. A disaster recovery plan can be the difference between the survival of your business or becoming another statistic. To avoid costly delays in service, plan your disaster strategy by thinking about goals, performing necessary audits, planning for contingencies and partnering with a third-party vendor, if needed. Related reading
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion. See an error or have a suggestion? Please let us know by emailing . What are the steps in a disaster recovery plan?What Should Be Included in a Disaster Recovery Plan?. Identify Critical Operations.. Evaluate Disaster Scenarios.. Create a Communication Plan.. Develop a Data Backup and Recovery Plan.. Test Your Plan.. Which of the following is the most critical element of an effective disaster recovery plan DRP?One of the most critical components of a disaster recovery plan is an up-to-date communication strategy.
What is the most important aspect of disaster recovery?In order to keep your people and assets fully protected during times of catastrophe, having a plan in place to help guide you is key. But there's one aspect of successful disaster recovery planning that often gets overlooked, and that is: testing your disaster recovery plan.
What is a disaster recovery plan and why is it important to the organization?A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident. A DRP is an essential part of a business continuity plan (BCP).
|