Disaster Recovery Planning – 12 Key Steps

Disaster recovery planning – why does it matter? Because reducing the risk of a disaster impacting on the business is all down to robust planning.

Like us or follow us on   

twitter_lg_icon_30x30facebook_lg_icon_30x30linkedin_lg_icon30x30


Planning for a Disaster

In my previous post, we talked about the forms disasters can take and why it is important to have a disaster recovery plan. Once you understand the importance of having a DR plan by looking at the various disaster scenarios and also considering the legal, regulatory, financial and other business reasons dictating the need, it’s time to find out how to get your organisation ready for the next step… Building the plan.

Disaster recovery planning - what's there to lose?

We implement disaster recovery measures to reduce risk to the organisation and reducing the risk of a disaster impacting on the business is all down to robust disaster recovery planning.

A disaster recovery plan provides your IT organisation with the capability to effectively react and mitigate the impact of any disaster-related event. The absence of a disaster recovery plan is a threat to the timely recovery of information assets your company relies on as well as possible contravention of compliance regulations and legal requirements.

A complete and tested disaster recovery plan ensures the availability of IT infrastructure, applications and data, and the IT resources to perform all of the required actions.

1.3hrs is the Recovery Time Objective

 

Depending on the impact of a disaster, the effect on IT can be catastrophic:

What if the business transactions generated since the last successful and available backup are lost? Some companies still carry a paper trail for every transaction, and can capture these transactions later – causing only temporary data loss. This is becoming a rarity though and in many industries, the loss of data can cost organisations millions.

What if access to the business systems is terminated, preventing customers and staff from accessing your company data? The longer the outage lasts, the more exacerbated the problem becomes until permanent damage is done to your brand as customers, unable to access online systems, may look for an alternate provider for the expected service. While the recovery effort might incur costs to restore the services, the brand damage can be permanent.

These points are of concern for senior execs in businesses today and this is driving more robust forms of business recovery.

Ok, so what do I need to capture in this disaster recovery plan?

12 Steps to Comprehensive DR Planning

  1. Your BC (Business Continuity) team should be drawn from across the business, each with specific roles and responsibilities.

  2. Define your company’s likely disaster scenarios and the resources required.

  3. For each disaster scenario, define the critical business functions.

  4. Understand the key interdependencies between the critical functions and applications.

  5. Identify the key IT resources, ensuring there is a proxy or stand-in for each.

  6. Maintain a list of each business function’s systems and the key integration points.

  7. Maintain detailed IT infrastructure and network design documents.

  8. All systems’ data must be protected: Use replication and archiving to tape or electronic vault.

  9. Document the whereabouts of this backed-up data and nominate a document owner.

  10. If a DR partner is contracted to provide data centre and workplace relocation, make sure that declaration information is available.

  11. Define the process for recovering back to the existing or production site post the disaster.

  12. Test, test and retest the Disaster Recovery plan, with all relevant personnel. Your company may one day depend on it.

Disaster Recovery Checklist for Preparedness

  • Is the authorised person responsible for declaring the invocation of the DR Plan identified?

  • Do you have an organization-wide business continuity program that includes a robust disaster recovery plan that is signed off by the CEO or someone at board level?

  • Is your business continuity and disaster recovery plan based upon business impact analysis?

  • Is business continuity and disaster recxovery included in your corporate risk assessment?

  • Do you have formal agreements for an alternate processing site and equipment should the need arise to relocate operations?

  • Do you maintain offsite backups of critical information at a sufficiently geographically diverse location from production?

  • Have your business continuity and disaster recovery plans been tested in the past six to 12 months?

Risk of Do It Yourself DR

Disasters do happen and they are often unforeseen. No one expected the earthquake that wrecked Christchurch, New Zealand in 2011 and Hurricane Sandy that hit the eastern seaboard of the USA in 2012 was forecast but nature took its toll nevertheless. Having a plan in place and activating that plan at the right time can mean the difference between recovery of your business and the unthinkable.

 

If you want to read other blogs on the related topics, click here.


Matthew has global responsibility for implementing and managing Maxava’s Cloud strategies and supporting partners in the delivery of Maxava Cloud Services. Matthew has spent many years working with the IBM i platform and its predecessors, and has extensive experience in the management of multi technology infrastructure operations. He is also known for his expertise in Disaster Recovery / Business Continuity planning, Systems Operations, Outsourced Data Centre management and Cloud Computing Architectures. Matthew is based in London, UK, and is involved in the IBM i user community. For questions about this article, contact Matthew.


Like us or follow us on   

twitter_lg_icon_30x30facebook_lg_icon_30x30linkedin_lg_icon30x30

Comments are closed.