This White Paper, the first in our three-part set on disaster recovery planning, describes the planning process itself. The second and third papers deal with specific methods for organising and writing the disaster recovery plan, and for collecting data for the plan, respectively. Based on the various considerations addressed during the planning phase, the process itself and related methodology can be just as beneficial as the final written plan.
The importance of disaster recovery planning
Most businesses depend heavily on technology and automated systems, and their disruption for even a few days could cause severe financial loss and threaten survival.
The continued operations of an organisation depend on management's awareness of potential disasters, their ability to develop a plan to minimise disruptions of critical functions and the capability to recover operations expediently and successfully.
A disaster recovery plan is a comprehensive statement of consistent actions to be taken before, during and after a disaster. The plan should be documented and tested to ensure the continuity of operations and availability of critical resources in the event of a disaster.
The objectives of disaster recovery planning
The primary objective of disaster recovery planning is to protect the organisation in the event that all or part of its operations and/or computer services are rendered unusable. Preparedness is the key. The disaster recovery planning process should minimise the disruption of operations and ensure some level of organisational stability and an orderly recovery after a disaster.
Other objectives of disaster recovery planning include:
- providing a sense of security
- minimising the risk of delays
- guaranteeing the reliability of standby systems
- providing a standard for testing the plan
- minimising decision making during a disaster.
Planning process methodology
The process of developing a disaster recovery plan can be broken down into ten steps.
- Obtain top management commitment to the disaster
recovery plan
Top management must support and be involved in the development of the disaster recovery planning process. Management should be responsible for coordinating the disaster recovery plan and ensuring its effectiveness within the organisation.
Adequate time and resources must be committed to the development of an effective disaster recovery plan. Resources could include both financial considerations and the effort of all personnel involved. - Establish a disaster recovery planning committee
A planning committee should be appointed to oversee the development and implementation of the disaster recovery plan. The planning committee should include representatives from all functional areas of the organisation. Key committee members should include the operations manager and the data processing manager. The committee also should define the scope of the disaster recovery plan. - Perform a risk assessment
The disaster recovery planning committee should prepare a risk analysis and business impact analysis that includes a range of possible disasters, including natural, technical and human threats.
Each functional area of the organisation should be analysed to determine the potential consequence and impact associated with several disaster scenarios. The risk assessment process should also evaluate the safety of critical documents and vital records.
Traditionally, fire has posed the greatest threat to an organisation. Intentional human destruction, however, should also be considered. The disaster recovery plan should provide for the "worst case" situation: destruction of the main building.
It is important to assess the impacts and consequences resulting from loss of information and services. The disaster recovery planning committee should also analyse the costs related to minimising the potential exposures. - Establish priorities for processing and
operations
The critical needs of each department within the organisation should be carefully evaluated in such areas as:
- functional operations
- key personnel
- information
- processing systems
- service
- documentation
- vital records
- policies and procedures.
A method of determining the critical needs of a department is to document all the functions performed by each department. Once the primary functions have been identified, the operations and processes should be ranked in order of priority: essential, important and non-essential. - Determine disaster recovery strategies
The most practical alternatives for processing in case of a disaster should be researched and evaluated. It is important to consider all aspects of the organisation, including:
- facilities
- hardware
- software
- communications
- data files
- customer services
- user operations
- management information systems (MIS)
- end-user systems.
- hot sites
- warm sites
- cold sites
- reciprocal agreements
- two data centres
- multiple computers
- service centres
- consortium arrangement
- vendor supplied equipment
- combinations of the above.
- contract duration
- termination conditions
- testing
- costs
- special security procedures
- notification of systems changes
- hours of operation
- specific hardware and other equipment required for processing
- personnel requirements
- circumstances constituting an emergency
- process to negotiate extension of service
- guarantee of compatibility
- availability
- non-mainframe resource requirements
- priorities
- other contractual issues.
- Perform data collection
Recommended data gathering materials and documentation include:
- backup position listing
- critical telephone numbers
- communications inventory
- distribution register
- documentation inventory
- equipment inventory
- forms inventory
- insurance policy inventory
- main computer hardware inventory
- master call list
- master vendor list
- microcomputer hardware and software inventory
- notification checklist
- office supply inventory
- off-site storage location inventory
- software and data files backup/retention schedules
- telephone inventory
- temporary location specifications
- other materials and documentation.
- Organise and document a written disaster recovery
plan
An outline of the plan's contents should be prepared to guide the development of the detailed procedures. Top management should review and approve the proposed disaster recovery plan. The outline can be used for the table of contents after final revision. Other benefits of this approach are that it:
- helps to organise the detailed procedures
- identifies all major steps before the writing begins
- identifies redundant procedures that only need to be written once
- provides a road map for developing the procedures.
The disaster recovery plan should be thoroughly developed, including all detailed procedures to be used before, during and after a disaster. It may not be practical to develop detailed procedures until backup alternatives have been defined.
The procedures should include methods for maintaining and updating the disaster recovery plan to reflect any significant internal, external or systems changes. The procedures should allow for a regular review of the plan by key personnel within the organisation.
The disaster recovery plan should be structured using a team approach. Specific responsibilities should be assigned to the appropriate team for each functional area of the company.
There should be teams responsible for administrative functions, facilities, logistics, user support, computer backup, restoration and other important areas in the organisation.
The structure of the contingency organisation may not be the same as the existing organisation chart. The contingency organisation is usually structured with teams responsible for major functional areas such as:
- administrative functions
- facilities
- logistics
- user support
- computer backup
- restoration
- other important areas.
The management team also oversees, documents and monitors the recovery process. Management team members should be the final decision makers in setting priorities, policies and procedures.
Each team has specific responsibilities that must be completed to ensure successful execution of the disaster recovery plan. The teams should have an assigned manager and an alternate in case the team manager is not available. Other team members should also have specific assignments where possible. - Develop testing criteria and procedures
It is essential that the disaster recovery plan be thoroughly tested and evaluated on a regular basis (at least annually). Procedures to test the plan should be documented. The tests will provide the organisation with the assurance that all necessary steps are included in the plan. Other reasons for testing include:
- determining the feasibility and compatibility of backup facilities and procedures
- identifying areas in the plan that need modification
- providing training to the team managers and team members
- demonstrating the ability of the organisation to recover
- providing motivation for maintaining and updating the disaster
recovery plan.
- Test the disaster recovery plan
After testing procedures have been completed, an initial test of the plan should be performed by conducting a structured walk-through test. The test will provide additional information regarding any further steps that may need to be included, changes in procedures that are not effective, and other appropriate adjustments. The disaster recovery plan should be updated to correct any problems identified during the test. Initially, testing of the plan should be done in sections and after normal business hours to minimise disruptions to the overall operations of the organisation.
Types of tests include:
- checklist tests
- simulation tests
- parallel tests
- full interruption tests.
- Approve the disaster recovery plan
Once the plan has been written and tested, it should be approved by top management. It is top management's ultimate responsibility that the organisation has a documented and tested disaster recovery plan.
Management is responsible for:
- establishing policies, procedures and responsibilities for comprehensive contingency planning
- reviewing and approving the contingency plan annually,
documenting such reviews in writing.
- evaluate the adequacy of contingency plans for its service bureau
- ensure that its contingency plan is compatible with its service bureau's contingency plan.
Summary
Disaster recovery planning involves more than off-site storage or backup processing. Organisations should also develop written, comprehensive disaster recovery plans that address all the critical operations and functions of the business.
The plan should include documented and tested procedures, which, if followed, will ensure the ongoing availability of critical resources and continuity of operations.
The probability of a disaster occurring in an organisation is highly uncertain. A disaster recovery plan, however, is similar to liability insurance: it provides a certain level of comfort in knowing that if a major catastrophe occurs, it will not result in financial disaster.
Insurance alone is not adequate because it may not compensate for the incalculable loss of business during the interruption or the business that never returns.
Other reasons to develop a comprehensive disaster recovery plan include:
- minimising potential economic loss
- decreasing potential exposures
- reducing the probability of occurrence
- reducing disruptions to operations
- ensuring organisational stability
- providing an orderly recovery
- minimising insurance premiums
- reducing reliance on certain key individuals
- protecting the assets of the organisation
- ensuring the safety of personnel and customers
- minimising decision making during a disastrous event
- minimising legal liability.
For more information on disaster recovery planning please see our related White Papers, Writing a disaster recovery plan and Collecting data for a disaster recovery plan.