DISASTER
RECOVERY
While Business Continuity Planning refers to the business as a whole, Disaster Recovery looks specifically at the IT systems that support the business's Mission Essential Functions.The goal is for you to strengthen the process your organization uses to recover access to your software, data, and/or hardware that are needed to resume or maintain the performance of normal, critical business functions after an emergency event.
Support Essential Functions
Taking the information gathered in the Business Impact Analysis, we take a look at the IT systems that support and enable those Essential Functions. We will make sure that the corresponding resources have been identified and fully allocated and that the Functions are supported by effective processes and procedures. This is where Disaster Recovery starts.
Determine RPO & RTO
For each of the critical systems, we will need to identify the parameters around which recovery systems and processes must be designed. Recovery Point Objective (RPO) describes the interval of time that might pass during a disruption before the quantity of data lost during that period exceeds the Business Continuity Plan's maximum allowable threshold or "tolerance". The Recovery Time Objective (RTO) is the duration of time within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with the break in continuity. So, both of them influence the kind of redundancy or backup infrastructure you need.
Develop Recovery Strategies
Now that we know the critical systems and the associated RPO and RTO, it is time to design recovery strategies that will be used upon initiation of the continuity plan. Each type of event may dictate a different response so each response should be mapped to an Initiating Event. The responses can incorporate automated system responses or manual responses performed by personnel.
Formulate Response Procedures
While Response Procedures can take a variety of forms, they normally incorporate key processes such as:
-
incident confirmation by one or more parties
-
information gathered to determine exactly what resources are involved
-
IT resource containment
-
analysis of what occurred
-
reporting results to stakeholders and/or leadership
-
follow-up review to determine methods that may prevent similar incidents