DISASTER RECOVERY PLAN
Introduction
Information Technology (IT) has redefined the global business lifecycle. Networking and
Communications have accelerated business operations and made them more flexible. The
Wide Area Network (WAN) and related technologies are the keys for efficient business
operations in the competitive market. Organizations are adopting technology and
standards to keep their IT infrastructure sound and to ensure business continuity. The
continued operations of an Enterprise is determined by its ability to deal with potential
natural or man-made disasters through creating an effective IT Disaster Recovery Plan
(DRP) that can enable minimizing disruptions to the networks, and quickly restore
normalcy of operations.
What is Disaster Recovery Plan ?
Organizations cannot always avoid disasters, but with careful planning the effects of a
disaster can be minimized. A disaster recovery plan (DRP) is a set of procedures to
recover and protect a business IT infrastructure in the event of a disaster, which includes
hardware, software, networks, processes and people. Protecting your firm's investment in
its technology infrastructure, and protecting your firm's ability to conduct business are the
key reasons for implementing an IT disaster recovery plan. The principal objective of the
disaster recovery program is to minimize downtime and data loss, and also to develop,
test and document a well-structured and easily understood plan which will help the
company recover as quickly and effectively as possible from an unforeseen disaster or
emergency, which interrupts information systems and business operations. Minimizing
downtime and data loss is measured in terms of two concepts: the recovery time objective
(RTO) and the recovery point objective (RPO).
Additional objectives include the following:
• The need to ensure that all employees fully understand their duties in implementing
such a plan
1
, • The need to ensure that operational policies are adhered to within all planned
activities
• The need to ensure that proposed contingency arrangements are cost-effective
• The need to consider implications on other company sites
• Disaster recovery capabilities as applicable to key customers, vendors and others
IT disaster recovery plans provide step-by-step procedures for recovering disrupted
systems and networks, and help them resume normal operations. The goal of these
processes is to minimize any negative impacts to company operations. The IT disaster
recovery process identifies critical IT systems and networks; prioritizes their recovery
time objective; and delineates the steps needed to restart, reconfigure, and recover them.
A comprehensive IT DR plan also includes all the relevant supplier contacts, sources of
expertise for recovering disrupted systems and a logical sequence of action steps to take
for a smooth recovery.
There are three basic strategies that feature in all disaster recovery plans: (1) preventive
measures, (2) detective measures, and (3) corrective measures. Preventive measures will
try to prevent a disaster from occurring. These measures seek to identify and reduce risks.
They are designed to mitigate or prevent an event from happening. These measures may
include keeping data backed up and off site, using surge protectors, installing generators
and conducting routine inspections. Detective measures are taken to discover the
presence of any unwanted events within the IT infrastructure. Their aim is to uncover
new potential threats. They may detect or uncover unwanted events. These measures
include installing fire alarms, using up-to-date antivirus software, holding employee
training sessions, and installing server and network monitoring software. Corrective
measures are aimed to restore a system after a disaster or otherwise unwanted event takes
place. These measures focus on fixing or restoring the systems after a disaster. Corrective
measures may include keeping critical documents in the Disaster Recovery Plan or
securing proper insurance policies, after a "lessons learned" brainstorming session.
2
Introduction
Information Technology (IT) has redefined the global business lifecycle. Networking and
Communications have accelerated business operations and made them more flexible. The
Wide Area Network (WAN) and related technologies are the keys for efficient business
operations in the competitive market. Organizations are adopting technology and
standards to keep their IT infrastructure sound and to ensure business continuity. The
continued operations of an Enterprise is determined by its ability to deal with potential
natural or man-made disasters through creating an effective IT Disaster Recovery Plan
(DRP) that can enable minimizing disruptions to the networks, and quickly restore
normalcy of operations.
What is Disaster Recovery Plan ?
Organizations cannot always avoid disasters, but with careful planning the effects of a
disaster can be minimized. A disaster recovery plan (DRP) is a set of procedures to
recover and protect a business IT infrastructure in the event of a disaster, which includes
hardware, software, networks, processes and people. Protecting your firm's investment in
its technology infrastructure, and protecting your firm's ability to conduct business are the
key reasons for implementing an IT disaster recovery plan. The principal objective of the
disaster recovery program is to minimize downtime and data loss, and also to develop,
test and document a well-structured and easily understood plan which will help the
company recover as quickly and effectively as possible from an unforeseen disaster or
emergency, which interrupts information systems and business operations. Minimizing
downtime and data loss is measured in terms of two concepts: the recovery time objective
(RTO) and the recovery point objective (RPO).
Additional objectives include the following:
• The need to ensure that all employees fully understand their duties in implementing
such a plan
1
, • The need to ensure that operational policies are adhered to within all planned
activities
• The need to ensure that proposed contingency arrangements are cost-effective
• The need to consider implications on other company sites
• Disaster recovery capabilities as applicable to key customers, vendors and others
IT disaster recovery plans provide step-by-step procedures for recovering disrupted
systems and networks, and help them resume normal operations. The goal of these
processes is to minimize any negative impacts to company operations. The IT disaster
recovery process identifies critical IT systems and networks; prioritizes their recovery
time objective; and delineates the steps needed to restart, reconfigure, and recover them.
A comprehensive IT DR plan also includes all the relevant supplier contacts, sources of
expertise for recovering disrupted systems and a logical sequence of action steps to take
for a smooth recovery.
There are three basic strategies that feature in all disaster recovery plans: (1) preventive
measures, (2) detective measures, and (3) corrective measures. Preventive measures will
try to prevent a disaster from occurring. These measures seek to identify and reduce risks.
They are designed to mitigate or prevent an event from happening. These measures may
include keeping data backed up and off site, using surge protectors, installing generators
and conducting routine inspections. Detective measures are taken to discover the
presence of any unwanted events within the IT infrastructure. Their aim is to uncover
new potential threats. They may detect or uncover unwanted events. These measures
include installing fire alarms, using up-to-date antivirus software, holding employee
training sessions, and installing server and network monitoring software. Corrective
measures are aimed to restore a system after a disaster or otherwise unwanted event takes
place. These measures focus on fixing or restoring the systems after a disaster. Corrective
measures may include keeping critical documents in the Disaster Recovery Plan or
securing proper insurance policies, after a "lessons learned" brainstorming session.
2
