Disaster Recovery (DR) is the process an organization uses to recover access to their data, software, hardware that are needed to resume business critical applications after the event of either a natural disaster or planned caused by humans. When a disaster occurs, the Disaster Recovery plan’s aim is to restore an acceptable level of operations with an acceptable recovery time objects. The overall goal of a Disaster Recovery plan is to minimize downtime in the event a disaster occurs.
Disaster Recovery Plans are generally part of a larger, more extensive practice known as Business Continuity Planning. DR plans should be well practiced so that the Business owners are familiar with the specific actions they will need to take should a disaster occur. DR plans must also be adaptable and routinely updated. Apart from the business critical applications availability, The most important component is human capital which is often overlooked by most corporations. Companies tend to assume that their staff will always be available. When a disaster occurs, sickness, disability of a key employee, or even a death, can have a devastating effect on a business. Business needs and the threats to business are constantly changing. New Customers, and software applications as well as changes to Infrastructure components affect Disaster Recovery plan. It is a good practice to update Disaster Recover Plans anytime a significant change is made to critical business process or the IT infrastructure that supports them. At a minimum, its recommended to test and update disaster Recovery plans on an annual basis.
Disaster Recovery Plan – 101
- Establish Recovery Time Objectives (RTO’s) and the necessary Infrastructure to achieve them.
- Define Disaster Recover Roles and Responsibilities
- Have a Disaster Recovery Communication Plan that details procedure for the activation of the Recovery team.
- Have Detailed Disaster Recover Procedures
- Validation of technical and personnel readiness
- Define Recovery Time Objectives and Recovery Point Objectives
- Testing and verification of technical recovery capabilities at least twice a year, and a team preparedness exercises at least annually.
- A comprehensive plan for providing end users access to systems, irrespective of how networks and hardware may be impacted by Disaster.