The 5 Key Steps To An Effective Disaster Recovery Plan

The 5 Key Steps To An Effective Disaster Recovery Plan

In an IT context, a disaster is any event that causes sudden damage or incapacitation of a business’s systems.


This could be a data loss via a cyber attack, or temporary outage from a hardware failure. Regardless of size, no business is immune to such events.

 

A disaster recovery plan (DRP) is a detailed approach a business lays out to prepare for such an event. It includes the tools and the operations needed to recover lost data and resume normal business practices ASAP. It’s essentially a contingency plan. And in the following article we’ll look at the 5 key elements that all effective disaster recovery plans should include. 

disaster recovery

 

1. Assemble Your Team 

This should consist of a variety of perspectives over the business’s vulnerabilities. Every organisation is different but typically the following members will feature: 

  • High level leadership
    • They will be the ones signing off budgets and will provide insights on how their department will be affected.  

 

  • Senior IT staff
    • Integral to the project, they will have the clearest idea of all the technical capabilities the business has to make the plan work; storage, networking and what applications are needed.

 

  • Specialised advisors
    • Expert knowledge will often be required for ensuring that compliance requirements are adhered to. Critical business unit advisors are also important for helping IT personnel communicate effectively with other departments. 

 

2. Ascertain Your Risk and Your Vulnerabilities

Your team should now get to know your business’s major weak points. This process is often known as a Business Impact Analysis. 

 

Whilst you should aim to protect as much as you can, you should prioritise. Get to know the elements of the business that would cause the most trouble should a disaster strike. How they will impact your business, your revenue streams and your employees. This process should be combined with a risk assessment as well. Think through as many disaster scenarios as possible and evaluate the likelihood of them happening.

 

3. Set Your Recovery Objectives

 

This specifically involves two things.

  • Setting an RTO (Recovery Time Objective)
  • and the RPO (Recovery Point Objective)
The former determines how much downtime your technology can affordably have before returning to its previous state. The RPO determines the estimated time needed for a system to recover without having a significantly disastrous impact. Guaranteeing these two objectives are met is the mark of a good disaster recovery plan.

 

4. Write the Plan

 

In as much detail as possible outline what will happen in various disaster scenarios. In a nutshell it involves collecting insights and creating a series of action steps in response to them. There are many things to consider here including.

 

  • What will the recovery process look like? What steps need to be taken? E.g. if you have a cloud provider, what steps need to be taken with them to restore your business’s data? 

 

  • Who will need to be notified about what? This involves everyone from employees, to clients, to media outlets. 

 

  • What are the individual stages of the recovery process? 

 

  • What technology will be used? One of the main questions here is selecting a suitable recovery method. Methods include; hard drive recovery, optical recovery, tape recovery and more. The technology you choose will vary on factors such as your timeline and how much data you’re handling. 

 

The measures you put in place should fall into one of three categories. 

 

  • Preventative measures
These identify a risk and reduce it. 

 

  • Corrective measures
What will help restore IT in a new environment.  

 

  • Detective measures
Uncovering potential roadblocks to any corrective measures. 

 

5. Test, Review and Update

A disaster recovery plan is a waste of time if you run it post catastrophe only to find it doesn’t work. This can be avoided by testing every step in your DRP. Ideally every quarter. This is coupled with regular reviewing. 

The nature of your business and the needs of each department are likely to change over time. Are you storing the same levels of data as you were months before? Could there be a new technology on the market that will be better suited to your objectives? Review and redraft your DRP to keep it functional. Both results of the tests you perform and your reviews are likely to contribute to the ever changing document that is your disaster recovery plan. 

This is an overview. The full process involves much more than a short read. That said, we have another resource, namely a Disaster Recovery Plan, which may help give you a quick overview of the process. It can also function as a checklist you can use for when you’re carrying out your Disaster Recovery Plan.  

For best results it's smart to work with professionals that have performed Disaster Recovery Plans before. Intalex is highly experienced in the field and can help you with every step of the process.

Get in contact to find out more.

 

Disaster recovery Planning

Data Backup Software; The Why And the How of Securing Critical Files XenApp vs XenDesktop: Which is Right for Your Organisation?