Do you ever have disaster recovery plan? Do you what it is? This entry will show you the disaster recovery planning steps. But, before that, let’s see what is mean by disaster recovery.
What is disaster recovery?
- In the IT space, disaster recovery focuses on the IT systems that help support critical business functions. The term “business continuity” is often associated with disaster recovery, but the two terms aren’t completely interchangeable. Disaster recovery is a part of business continuity. It focuses more on keeping all aspects of a business running despite the disaster. Because IT systems these days are so critical to the success of the business, disaster recovery is a main pillar in the business continuity process.
- Disaster recovery is the process of resuming normal operations following a disaster by regaining access to data, hardware, software, networking equipment, power and connectivity. However, if your facilities are damaged or destroyed, activities may also extend to logistical considerations like finding alternate work locations, restoring communications, or sourcing anything from desks and computers to transportation for employees. Disaster recovery response should follow a disaster recovery plan – a documented process or set of procedures developed specifically to prepare the organization to recover in the shortest possible time during a period of acute stress.
Why Disaster Recovery?
To prepare for potential disaster situations, organizations can prepare a disaster recovery plan, which includes a recovery point objective (RPO) and recovery time objective (RTO). RPO states the frequency of data backups that the organization requires. RTO determines the maximum amount of downtime that the organization can handle. This metrics create limits to guide the choice of IT strategy, processes and procedures that make up an organization’s disaster recovery plan.
Disaster recovery planning steps
The disaster recovery plan process involves more than simply writing the document.
In advance of the writing, a risk analysis and business impact analysis help determine where to focus resources in the disaster recovery planning process. The BIA identifies the impacts of disruptive events and is the starting point for identifying risk within the context of disaster recovery. It also generates the RTO and RPO. The RA identifies threats and vulnerabilities that could disrupt the operation of systems and processes highlighted in the BIA. The RA assesses the likelihood of a disruptive event and outlines its potential severity.
A DR plan checklist includes the following steps, according to independent consultant and IT auditor Paul Kirvan:
- Establishing the scope of the activity
- Gathering relevant network infrastructure documents
- Identifying the most serious threats and vulnerabilities and the most critical assets
- Reviewing the history of unplanned incidents and outages and how they were handled
- Identifying the current DR strategies
- Identifying the emergency response team
- Having management review and approve the disaster recovery plan
- Testing the plan
- Updating the plan
- Implementing a DR plan audit.
- Disaster recovery plans are living documents. Involving employees (from management to entry-level) helps to increase the value of the plan.