Disaster Recovery Planning

Dan Kaplan

If a disaster strikes, can your organization continue to provide businesses and residents the same level of service? Before any significant amount of work can be done to establish a Disaster Recovery Plan (DRP), it is essential to know exactly what the scope of the plan will be and who will be involved in its development. The following are some important considerations.

Define Clear Standards, Tools and Templates
The DRP must be standard across all departments. Standardized templates and tools will be necessary for reporting, assessments, and reviews of processes or procedures.

Achieve Consensus on Disaster Recovery Assumptions
It is important to gather data owners together in order to reach common ground on resource allocations, DRP objectives and priorities. Each owner may have different disaster recovery criteria or risks, so consensus building will help generate goodwill and collaboration. Most important is agreement upon the actual definition of “critical.” Be sure to discuss the following points:

  • General assumptions: What constitutes a worst-case scenario?
  • Disaster scope assumptions: What will be passed off to the business continuity planning team?
  • Recovery time objective assumptions: How long will it take to recover and test each application?
  • Recovery operations assumptions.
  • DRP administration and training assumptions.

Identify all infrastructure priority scales, that is, the most critical applications. Do not over or under estimate priorities. In the middle of a disaster is not the time to be thinking about how long it is going to take to restore your applications. Having a clear plan in place will make the job easier for the Information Technology staff, and ensure critical applications are restored in the correct order. Remember, rapid recovery is the ideal, but actual recovery is the goal.

Store Copies of the Plan
Once completed, it is crucial to maintain copies of the finished DRP in a safe off-site location. Do not keep the DRP in the server room or in an office desk drawer. During or after a disaster, staff may not be able to access the building again (or the building may be destroyed). One option is to keep the DRP documentation online, perhaps in a secured FTP site or a secure portion of the corporate intranet.

Dan Kaplan is Chief Information Officer for NH Local Government Center.  He may be contacted at 800.852.3358 ext. 3322 or at dkaplan@nhlgc.org.

 

Article Topics: