Call Us: US - +1 845 478 5244 | UK - +44 20 7193 7850 | AUS - +61 2 8005 4826

management development

Disaster recovery planning steps

The disaster recovery plan process involves more than simply writing the document.

In advance of the writing, a risk analysis and business impact analysis help determine where to focus resources in the disaster recovery planning process. The BIA identifies the impacts of disruptive events and is the starting point for identifying risk within the context of disaster recovery. It also generates the RTO and RPO. The RA identifies threats and vulnerabilitiesthat could disrupt the operation of systems and processes highlighted in the BIA. The RA assesses the likelihood of a disruptive event and outlines its potential severity.

A DR plan checklist includes the following steps, according to independent consultant and IT auditor Paul Kirvan:

  • Establishing the scope of the activity;
  • Gathering relevant network infrastructure documents;
  • Identifying the most serious threats and vulnerabilities, and the most critical assets;
  • Reviewing the history of unplanned incidents and outages, and how they were handled;
  • Identifying the current DR strategies;
  • Identifying the emergency response team;
  • Having management review and approve the disaster recovery plan;
  • Testing the plan;
  • Updating the plan; and
  • Implementing a DR plan audit.

Disaster recovery plans are living documents. Involving employees — from management to entry-level — helps to increase the value of the plan.

Creating a disaster recovery plan

An organization can begin its DR plan with a summary of vital action steps and a list of important contacts, so the most essential information is quickly and easily accessible.

The plan should define the roles and responsibilities of disaster recovery team members and outline the criteria to launch the plan into action. The plan then specifies, in detail, the incident response and recovery activities.