IT Disaster Recovery Plan (DRP)
  • 13

IT Disaster Recovery Plan (DRP)

Lennox IT, IT Support in Derby and the East Midlands have been asked by many clients to help with IT Disaster Recovery Plans:

What is and IT Disaster Recovery Plan (DRP)

Information Technology (IT) has redefined the global business lifecycle. Networking and Communications have accelerated business operations and made them more flexible. The Wide Area Network (WAN) and related technologies are the keys for efficient business operations in the competitive market. Organizations are adopting technology and standards to keep their IT infrastructure sound and to ensure business continuity. The continued operations of an Enterprise is determined by its ability to deal with potential natural or man-made disasters through creating an effective IT Disaster Recovery Plan (DRP) that can enable minimizing disruptions to the networks, and quickly restore normalcy of operations.

An IT Disaster Recovery Plan is a comprehensive documentation of well-planned actions that are to be adopted before, during, and after a catastrophic event. In order to ensure business continuity and availability of critical resources during disasters, the plan should be documented and also tested in advance. This will help expedite the process when the actual disaster or emergency strikes. The key to IT or network disaster recovery is preparedness. The DR plan is the master tool of IT-based as well as other organizations to protect their IT infrastructure, ascertain organizational stability, and systematic disaster recovery. The primary objectives of IT/network disaster recovery planning include:

        Minimizing disruption of business operations
        Minimizing risk of delays
        Ensuring a level of security
        Assuring reliable backup systems
        Aiding in restoration of operations with speed

Business vulnerabilities are ever increasing and every organization is compelled to make appropriate disaster recovery plans and use advanced technology to keep its network secure and stable. Network-reliant companies find it an absolute necessity to frame disaster recovery policies and procedures to respond to the varied circumstances and problems. In any organization that prepares itself for Disaster Recovery, the three main points to be considered are Prevention, Anticipation, and Mitigation. Prevention is the act of avoiding those disasters that can be prevented. Anticipation is to plan and develop adequate measures to counter unavoidable disasters. Mitigation is to effectively manage the disasters, and thereby minimize the negative impact.

IT Disaster Recovery planning involves a thorough analysis of existing network structure, applications, databases, equipment, organization setup, and related details. It is important to define in the document about the key components involved in the business, the disaster recovery team personnel with contact details, recovery time objective, and communication methods at the time of the disaster, alternative facility for the organization, and master list of all inventory, storage locations, customer/vendor, forms and policies. The following are the steps that should be taken in IT disaster recovery planning:

1.Constitute a Disaster Recovery Team: The organization should form a DR team that will assist in the entire disaster recovery operations. The team should be composed of core members from all departments with representative from the top management. The team will also be responsible for overseeing the development and implementation of the DR plan.

2. Perform Risk Assessment: A risk analysis and business impact analysis should be conducted, which includes in scope the possible disasters, both natural and man made. By conducting an analysis of the impact and aftermath in disaster scenarios, the security of crucial resources can be determined.

3.Prioritize Processes and Operations: The organization’s critical requirements pertaining to each department must be determined with respect to data, documentation, services, processes, operations, vital resources, and policies/procedures. They should all be categorized and ordered based on priority as Essential, Important, and Non-essential.

4. Data Collection: The complete data about the organization must be gathered and documented. It should include inventory of forms, policies, equipment, communications; important telephone numbers, contact details, and customer details; equipment, systems, applications and resources description; onsite and offsite location; details of backup storage facility and retention schedules; and other material and documentation.

5. Creating the Disaster Recovery Plan: The DR plan should be created in a standard format that would enable detailing of procedures and including essential information. All important procedures should be completely outlined and explained in the plan. The plan should have step-by-step details of what is to be done when the disaster strikes. It should also comprise procedures for maintaining and updating of the plan, with regular review by the Disaster Recovery team and top personnel of the organization.

6. Testing the Plan: The developed Disaster Recovery Plan should be tested for efficiency. Testing provides a platform wherein an analysis can be done as to what changes are required and make appropriate adjustments to the plan. The plan can be tested using different types of tests such as Checklist tests, Simulation tests, Parallel tests, Full interruption tests, etc.

Developing a good IT disaster recovery plan will enable organizations to minimize potential economic loss and disruption to operations in the face of a disaster. It will aid in organized form of recovery, ensuring that the assets of the organization are secure, and pave way for business continuity in the most resourceful manner.

If you need help with your businesses IT Disaster Recovery Plan please feel free to contact us.

Leave a Reply

Contact Us