Learn how to develop disaster recovery strategies as well as how to write a disaster recovery plan with these step-by-step instructions.
The following section details the elements in a DR plan in the sequence defined by ISO 27031 and ISO 24762. In most organizations, Disaster Recovery Planning is the quintessential complex, unfamiliar task. Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan.
Procedures should ensure an easy-to-use and repeatable process for recovering damaged IT assets and returning them to normal operation as quickly as possible. Located at the end of the plan, these can include systems inventories, application inventories, network asset inventories, contracts and service-level agreements, supplier contact data, and any additional documentation that will facilitate recovery. These are essential in that they ensure employees are fully aware of DR plans and their responsibilities in a disaster, and DR team members have been trained in their roles and responsibilities as defined in the plans. Here we can see the critical system and associated threat, the response strategy and (new) response action steps, as well as the recovery strategy and (new) recovery action steps. If DR plans are to be invoked, incident response activities can be scaled back or terminated, depending on the incident, allowing for launch of the DR plans.
And since DR planning generates a significant amount of documentation, records management (and change management) activities should also be initiated. For some businesses, issues such as supply chain logistics are most crucial and are the focus on the plan.
This section defines the criteria for launching the plan, what data is needed and who makes the determination. If your organisation already has records management and change management programmes, use them in your DR planning. For others, information technology may play a more pivotal role, and the Business Continuity Disaster Recovery Plan may have more of a focus on systems recovery.
Included within this part of the plan should be assembly areas for staff (primary and alternates), procedures for notifying and activating DR team members, and procedures for standing down the plan if management determines the DR plan response is not needed. Disk costs are a small component; when you factor in performance degradation, staffing, backup software, and data center costs (air, power, space), the cost of having low-value data in SharePoint and SQL Server adds up. This involves quality checks to verify that backups complete without errors, restores complete without errors, and backup and recovery times and restore points meet SLAs. All Business Continuity Disaster Recovery Planning efforts need to encompass how employees will communicate, where they will go and how they will keep doing their jobs.
But the critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other.
The Disaster Recovery Plan (DRP) is that tool which can be used as a Disaster Planning Template for any size of enterprise. The Disaster Planning Template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant. Preparation for Disaster Recovery and Business Continuity in light of SOX has two primary parts.
Disaster Recovery Business Continuity Template (WORD) - comes with the latest electronic forms and is fully compliant with all mandated US, EU, and ISO requirements.


Work Plan to modify and implement the template. Included is a list of deliverables for each task. Click on the link below to get the Disaster Planning and Business Continuity Planning Template full table of contents and selected sample pages now and make it part of your Disaster Recovery Planning toolkit. Testimonial -  Kelly Keeler - Martin's Point Health Care -I have received and I began using the template immediately.
What's more, the myriad interconnected data, application and other resources that must be recovered after a disaster make recovery an exceptionally difficult and error-prone effort. Formulating a detailed recovery plan is the main aim of the entire IT disaster recovery planning project. Once this work is out of the way, you’re ready to move on to developing disaster recovery strategies, followed by the actual plans.
Once you have identified your critical systems, RTOs, RPOs, etc, create a table, as shown below, to help you formulate the disaster recovery strategies you will use to protect them. You’ll want to consider issues such as budgets, management’s position with regard to risks, the availability of resources, costs versus benefits, human constraints, technological constraints and regulatory obligations.
Once your disaster recovery strategies have been developed, you’re ready to translate them into disaster recovery plans.
In addition to using the strategies previously developed, IT disaster recovery plans should form part of an incident response process that addresses the initial stages of the incident and the steps to be taken. Note: We have included emergency management in Figure 2, as it represents activities that may be needed to address situations where humans are injured or situations such as fires that must be addressed by local fire brigades and other first responders. Important: Best-in-class DR plans should begin with a few pages that summarise key action steps (such as where to assemble employees if forced to evacuate the building) and lists of key contacts and their contact information for ease of authorising and launching the plan.
In parallel to these activities are three additional ones: creating employee awareness, training and records management.
This process can be seen as a timeline, such as in Figure 2, in which incident response actions precede disaster recovery actions. Much of this pain is felt in backup and recovery, which must occur on three levels: item, site, and farm. This section should specify who has approved the plan, who is authorised to activate it and a list of linkages to other relevant plans and documents.
The more detailed the plan is, the more likely the affected IT asset will be recovered and returned to normal operation.
The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the Disaster Recovery and Business Continuity Plan exists and appropriately protects the data and assets of the enterprise..
Technology DR plans can be enhanced with relevant recovery information and procedures obtained from system vendors. Even if you have never built a Disaster Recovery plan before, you can achieve great results.
Check with your vendors while developing your DR plans to see what they have in terms of emergency recovery documentation.
The test plan should be used during the proof of concept or pilot operation, running end-to-end tests, and for getting stakeholders to sign off physically.


Often SharePoint backup and recovery toolsets require servers to be loaded with Windows Server and joined to the domain. The details can vary greatly, depending on the size and scope of a company and the way it does business. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. It is in these plans that you will set out the detailed steps needed to recover your IT systems to a state in which they can support the business after a disaster. Then, you’ll need to establish recovery time objectives (RTOs) and recovery point objectives (RPOs). Here we’ll explain how to write a disaster recovery plan as well as how to develop disaster recovery strategies. You’ll need to identify and contract with primary and alternate suppliers for all critical systems and processes, and even the sourcing of people. Be prepared to demonstrate that your strategies align with the organisation’s business goals and business continuity strategies. The next section should define roles and responsibilities of DR recovery team members, their contact details, spending limits (for example, if equipment has to be purchased) and the limits of their authority in a disaster situation. During the incident response process, we typically become aware of an out-of-normal situation (such as being alerted by various system-level alarms), quickly assess the situation (and any damage) to make an early determination of its severity, attempt to contain the incident and bring it under control, and notify management and other key stakeholders. Based on the findings from incident response activities, the next step is to determine if disaster recovery plans should be launched, and which ones in particular should be invoked.
A section on plan document dates and revisions is essential, and should include dates of revisions, what was revised and who approved the revisions.
Once the plan has been launched, DR teams take the materials assigned to them and proceed with response and recovery activities as specified in the plans. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Copyright © 2012 Best Template Collection, All trademarks are the property of the respective trademark owners. Then define step-by-step procedures to, for example, initiate data backup to secure alternate locations, relocate operations to an alternate space, recover systems and data at the alternate sites, and resume operations at either the original site or at a new location. Keep in mind that SharePoint-specific backup toolsets don’t have the throughput of a SQL Server backup toolset. Then consider site security, staff access procedures, ID badges and the location of the alternate space relative to the primary site.
Key areas where alternate suppliers will be important include hardware (such as servers, racks, etc), power (such as batteries, universal power supplies, power protection, etc), networks (voice and data network services), repair and replacement of components, and multiple delivery firms (FedEx, UPS, etc). Just follow the DR Template that Janco has created and you will have a functioning plan before you know it.



Creating a risk assessment plan
Community preparedness for natural disasters


Comments

  1. 23.05.2014 at 17:31:40


    Include an EMP attack and also for.

    Author: miss_x
  2. 23.05.2014 at 19:47:20


    Serene environment exactly where people can invest time thinking longer than we can live would.

    Author: ASKA_KAYF