Learn how to develop disaster recovery strategies as well as how to write a disaster recovery plan with these step-by-step instructions. Once your disaster recovery strategies have been developed, you’re ready to translate them into disaster recovery plans. Then, you’ll need to establish recovery time objectives (RTOs) and recovery point objectives (RPOs). This process can be seen as a timeline, such as in Figure 2, in which incident response actions precede disaster recovery actions.
Based on the findings from incident response activities, the next step is to determine if disaster recovery plans should be launched, and which ones in particular should be invoked. Then define step-by-step procedures to, for example, initiate data backup to secure alternate locations, relocate operations to an alternate space, recover systems and data at the alternate sites, and resume operations at either the original site or at a new location.
The more detailed the plan is, the more likely the affected IT asset will be recovered and returned to normal operation. This section defines the criteria for launching the plan, what data is needed and who makes the determination. If your organisation already has records management and change management programmes, use them in your DR planning. Included within this part of the plan should be assembly areas for staff (primary and alternates), procedures for notifying and activating DR team members, and procedures for standing down the plan if management determines the DR plan response is not needed. There are certain methods to creating a solid disaster recovery plan that every IT manager should follow.
The scope of this plan is to recover from a loss of SQL Server 2005 Integration and Analysis Services. This is the heart of your disaster recovery plan and should include as many pictures, data flows and diagrams as possible. A scope statement, process layering, interrogation and a contact list become the skeleton of your DRP document, and you can use the document for more than just a DRP plan to have on file.
These include preparing risk assessments, mitigating against potential crises, procedures to handle the disaster recovery phase, and organizing testing, training and maintenance instructions for keeping the plan up-to-date. Don't forget to include contacts for the business layer -- they will ultimately have to sign off that any recovery efforts were successful.
Today, disaster recovery plans encompass every type of automated system, including mainframes, midrange computers open systems, desktop devices, and perhaps even PDAs (personal digital assistants). I could go on all afternoon covering the changes just in the years since the first edition of Business Resumption Planning was published. The classical scenarios of fire, flood, earthquake, tornado, sabotage, and other disasters still apply.
At the 100,000-foot level we can split disasters into three categories: natural causes, human error, and intentional causes. I think it's safe to say that most of the people initially tasked with responsibility for a disaster recovery plan by their organizations will not really know where to start.
I have personally seen this type of plan utilize as few as three steps, and as many as six.
After completion of Phase I and Phase II (typically 90 to 120 days), you will finally begin writing the plan.
In summary, often the most difficult part of the planning process is simply getting off square one, and starting.


Formulating a detailed recovery plan is the main aim of the entire IT disaster recovery planning project. In addition to using the strategies previously developed, IT disaster recovery plans should form part of an incident response process that addresses the initial stages of the incident and the steps to be taken. Here we’ll explain how to write a disaster recovery plan as well as how to develop disaster recovery strategies.
The next section should define roles and responsibilities of DR recovery team members, their contact details, spending limits (for example, if equipment has to be purchased) and the limits of their authority in a disaster situation.
A section on plan document dates and revisions is essential, and should include dates of revisions, what was revised and who approved the revisions. Here we can see the critical system and associated threat, the response strategy and (new) response action steps, as well as the recovery strategy and (new) recovery action steps. And since DR planning generates a significant amount of documentation, records management (and change management) activities should also be initiated. Technology DR plans can be enhanced with relevant recovery information and procedures obtained from system vendors.
Check with your vendors while developing your DR plans to see what they have in terms of emergency recovery documentation.
The scope of this plan is to define the recovery steps in the event of a domain controller failure.
The key to the process layering diagram is in building a complete high-level picture of the scope of the Windows disaster recovery plan. You can use this Business Continuity Plan Template (48 page Word, 12 Excel spreadsheets, with its free Business Impact Analysis, and Damage Assessment Report templates to recover quickly and effectively from an unforeseen disaster or emergency. If you have drawn the short straw and been tasked with producing a plan for your organization, then I am both happy and sad for you. All of these play a role in the conduct of today's business, and all of them will have to be considered in your plan. There are portions of this task that can be shared between departments, spreading the workload over more people, the objective being to hopefully come up with a superior plan faster. Indeed, the responsibility to maintain the integrity of the business in the event of a natural disaster, catastrophic human error, major system failure, or even a terrorist attack can be a daunting task at first glance. There are career advantages from the visibility you will receive; after all, for many companies disaster recovery planning is a board-of-directors-level issue.
Once this work is out of the way, you’re ready to move on to developing disaster recovery strategies, followed by the actual plans. The following section details the elements in a DR plan in the sequence defined by ISO 27031 and ISO 24762. Procedures should ensure an easy-to-use and repeatable process for recovering damaged IT assets and returning them to normal operation as quickly as possible.
Once the plan has been launched, DR teams take the materials assigned to them and proceed with response and recovery activities as specified in the plans.
This section should specify who has approved the plan, who is authorised to activate it and a list of linkages to other relevant plans and documents. In the interrogation stage of the disaster recovery plan, you begin to ask questions, fill in the gaps and ultimately gather the knowledge points that currently reside with the key players in your organization.
This BCP provides templates, checklist, forms, and guidelines that cover all functions required in Business Continuity Planning.


These and other events have changed and colored our definition of disasters to the point where they have perhaps permanently altered our very psychology as a nation. The impact of such disasters, however, is intensified today when they take enabling technologies with them and potentially affect millions of people.
A fourth category can also be added called acts of God as a catch-all for disasters that defy classification (the legal term for this is force majeure). That fact needs to be reflected in our recovery plans today, because routers, for example, now do more than only data.
In the meantime, learn everything you can from the consultant, first and foremost because it broadens your skill set and makes you more valuable, even on other non-disaster-recovery-related projects and, second, so that you can become the flag bearer for the disaster recovery project in Phase II - not the expensive consultant. That's why even though we have laid out a thumbnail sketch of a plan and how to implement it, the remaining several hundred pages will dive right into the details. Once you have identified your critical systems, RTOs, RPOs, etc, create a table, as shown below, to help you formulate the disaster recovery strategies you will use to protect them. Important: Best-in-class DR plans should begin with a few pages that summarise key action steps (such as where to assemble employees if forced to evacuate the building) and lists of key contacts and their contact information for ease of authorising and launching the plan. Located at the end of the plan, these can include systems inventories, application inventories, network asset inventories, contracts and service-level agreements, supplier contact data, and any additional documentation that will facilitate recovery. If DR plans are to be invoked, incident response activities can be scaled back or terminated, depending on the incident, allowing for launch of the DR plans. The easiest way to create your disaster recovery document is to start with a framework and then address the details.
At the same time, we are reintroducing tried and tested disaster recovery planning fundamentals.
For the remainder of this chapter, we will provide some basic information about what your planning objectives should be, what it should cost, where to get resources, and where you should start. The consultants will make the compelling point that disaster recovery is important, presenting all the reasons management needs to fund and endorse the project. If you expect to have people, money, and resources to complete a plan, there are some steps to take first. Management never gets off the dime in supporting the plan and the organization "studies" it forever. It is in these plans that you will set out the detailed steps needed to recover your IT systems to a state in which they can support the business after a disaster. These are essential in that they ensure employees are fully aware of DR plans and their responsibilities in a disaster, and DR team members have been trained in their roles and responsibilities as defined in the plans.
These steps will help overcome any writer's block that comes with the seemingly overwhelming task of creating a document such as a disaster recovery plan. As most experienced managers have dealt first hand with projects of equal or greater complexity, most are up to the task of producing a plan. We will cover that fact in this book as well, as it will save you a lot of legwork as you write your plan. You have to phase out what you have and replace it with equipment having fault-tolerant or disaster-resistant characteristics.



Business continuity plan sample template
Us map labeled with abbreviations
About hurricanes and tropical storms
Severe weather safety tips canada


Comments

  1. 27.06.2015 at 19:58:43


    With no problems he proceeds to stock up on the CDC's advised.

    Author: fidos
  2. 27.06.2015 at 23:21:41


    The pieces the longer the spice.

    Author: MAMEDOV
  3. 27.06.2015 at 23:35:45


    This if you are designing a satellite and the.

    Author: Ledi_HeDeF