Understanding IT Disaster Recovery Plan

Disaster recovery (DR) involves a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity. Wiki reference

A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. Such plan, ordinarily documented in written form, specifies procedures an organization is to follow in the event of a disaster.

Given organizations’ increasing dependency on information technology to run their operations, a disaster recovery plan, sometimes erroneously called a continuity of operations plan (COOP), is increasingly associated with the recovery of information technology data, assets, and facilities.

Disaster Recover VS Business Continuity – Are you mixing up?

Business Continuity is different than a Disaster Recovery but linked together. Business Continuity is a practice enterprise adopt to protect business from a complete failure and wait for recovery. By adopting business continuity, you can be assured that your business will continuity to run in the event of disaster; until all systems are recovered from disaster.

There are many, many businesses that fail after a disaster without a BC plan. DR will get your hardware, software and apps back up and running, but without a business continuity plan to keep your company going during the recovery process, you might not have a reason to recover those items. BC involves your finances, your personnel, your emergency plans and everything else that is a necessity to keep going and serving.

An example of business continuity is that all your corporate inbound and outbound email will come and go via third party cloud based smart host that will store all your email up to 15~30 days but deliver inbound/outbound email straight away to your corporation which means in the event of disaster you will receive and send email from any devices that has internet connectivity. Once systems is restored, cloud based smart host will sync with on premise Exchange Server.

Disaster Recovery Terminology in Alphabetic Order

Alert – Notification that a potential disruption is imminent or has occurred; usually includes a directive to act or standby.

Application Recovery – The component of Disaster Recovery that deals specifically with the restoration of business system software and data after the processing platform has been restored or replaced.

DR Site – A site held in readiness for use during/following an invocation of business or disaster recovery plans to continue urgent and important activities of an organization.

DR Work Area – Recovery environment complete with necessary infrastructure (desk, telephone, workstation, and associated hardware and equipment, communications, etc)

Backlog – The amount of work that accumulates when a system or process is unavailable for a long period of time. This work needs to be processed once the system or process is available and may take a considerable amount of time to process.
A situation whereby a backlog of work requires more time to action than is available through normal working patterns. In extreme circumstances, the backlog may become so marked that the backlog cannot be cleared.

Backup – A process by which data (electronic or paper-based) and programs are copied in some form so as to be available and used if the original data from which it originated is lost, destroyed or corrupted.

Business Continuity – The strategic and tactical capability of the organization to plan for and respond to incidents and business disruptions in order to continue business operations at an acceptable predefined level.

Checklist Tool to remind and /or validate that tasks have been completed and resources are available, to report on the status of recovery. A list of items (names or tasks etc.) to be checked or consulted.

Contingency Plan An event specific preparation that is executed to protect an organization from certain and specific identified risks and/or threats.

Continuous Availability A system or application that supports operations which continue with little to no noticeable impact to the user. For instance, with continuous availability, the user will not have to re-log in, or to re-submit a partial or whole transaction.

Data Backups The copying of production files to media that can be stored both on and/or offsite and can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.

Data Center Recovery- The component of Disaster Recovery which deals with the restoration of data center services and computer processing capabilities at an alternate location and the migration back to the production site.

Data Recovery- The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.

Database Replication- The partial or full duplication of data from a source database to one or more destination databases.

Disaster- Situation where widespread human, material, economic or environmental losses have occurred which exceeded the ability of the affected organization (2.2.9), community or society to respond and recover using its own resources. Source: ISO 2.1.11

Disaster Recovery- The process, policies and procedures related to preparing for recovery or continuation of technology infrastructure, systems and applications which are vital to an organization after a disaster or outage.

Hot site- An alternate facility that already has in place the computer, telecommunications, and environmental infrastructure required to recover critical business functions or information systems.

Impact- The effect, acceptable or unacceptable, of an event on an organization. The types of business impact are usually described as financial and non-financial and are further divided into specific types of impact.

Incident- An event which is not part of standard business operations which may impact or interrupt services and, in some cases, may lead to disaster.

Network Outage- An interruption of voice, data, or IP network communications.

Off-Site Storage Any place physically located a significant distance away from the primary site, where duplicated and vital records (hard copy or electronic and/or equipment) may be stored for use during recovery.

Outage- The interruption of automated processing systems, infrastructure, support services, or essential business operations, which may result, in the organizations inability to provide services for some period of time.

Recovery- Implementing the prioritized actions required to return the processes and support functions to operational stability following an interruption or disaster.

Replication– Copying a point of time, structured or unstructured data from between site(s)

Risk- Potential for exposure to loss which can be determined by using either qualitative or quantitative measures.

Recovery Point Objective- A recovery point objective, or “RPO”, is defined by business continuity planning. It is the maximum tolerable period in which data might be lost from an IT service due to a major incident. The RPO gives systems designers a limit to work to. Wiki Reference

Recovery Time Objective – The recovery time objective (RTO) is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity. Wiki Reference

Service Level Agreement (SLA)- A formal agreement between a service provider (whether internal or external) and their client (whether internal or external), which covers the nature, quality, availability, scope and response of the service provider. The SLA should cover day-to-day situations and disaster situations, as the need for the service may vary in a disaster.

System Recovery- The procedures for rebuilding a computer system and network to the condition where it is ready to accept data and applications, and facilitate network communications.

Validation Script- A set of procedures within the Business Continuity Plan to validate the proper function of a system or process before returning it to production operation.

Workaround Procedures- Alternative procedures that may be used by a functional unit(s) to enable it to continue to perform its critical functions during temporary unavailability of specific application systems, electronic or hard copy data, voice or data communication systems, specialized equipment, office facilities, personnel, or external services.

Developing a DR Strategy

Regarding disaster recovery strategies, ISO/IEC 27031, the global standard for IT disaster recovery, states, “Strategies should define the approaches to implement the required resilience so that the principles of incident prevention, detection, response, recovery and restoration are put in place.” Strategies define what you plan to do when responding to an incident, while plans describe how you will do it.

DR Objectives

  1. Reduce Overall Risk
  2. Maintain and Test Your Disaster Recovery Plan
  3. Alleviate Owner/Investor Concerns
  4. Restore Day-To-Day Operations
  5. Comply With Regulations
  6. Rapid Response

Priority Matrix

Priority Severity Impact
Priority 1 Highest High
Priority 2 Medium High Medium
Priority 3 Medium Medium
Priority 4 Medium low Low
Priority 5 Low Low

Who and What are involved in a Disaster Recovery

  1. People
  2. Physical facilities
  3. Technology
  4. Data (Structured & Unstructured)
  5. Third Party Vendor or Suppliers
  6. IT Governance(Policies & Procedures)

Producing a DR Document

A DR document consist of the following sections:

  1. Title
  2. Sub-Title
  3. Corporate Logo
  4. Document history.
  5. Corporate Copyright Info
  6. Table of Content
  7. Executive Summary
  8.  Introduction
  9. Terminology
  10. Roles and responsibilities.
  11. Third Party
  12. Technologies
  13. Site Diagram
  14. Incident response.
  15. Plan activation.
  16. Procedures.
  17. Appendixes.

In conclusion, once your DR plans have been completed, they are ready to be implemented. This process will determine whether business will recover and restore IT assets as planned. Remember, this is not about IT department, this is about business who wants to comply and understand importance of disaster recovery. You will only succeed if your business is willing to participate and invest CAPEX and OPEX on disaster recovery.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.