Why is it important to exercise disaster recovery procedures?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
To ensure that all the disaster recovery procedures and activities specified in a DR plan work as intended, the plans should be validated by exercising them using a number of approaches. At a minimum a table-top exercise can provide a way to walk through all steps of a DR plan without dealing with an actual event. This technique brings all relevant players together to check that all DR procedures are correct, in the proper sequence, and that all team members understand their roles in the recovery.
To ensure that technology focused plans -- such as those recovering servers for example -- work properly a functional exercise is advised. In this exercise the server in question is taken off-line and backup/recovery sequences are activated using scripts or whatever technique is preferred. This exercise verifies that the scripts include the correct information, the sequence of steps is correct, and all designated employees are able to recover the failed server. After each exercise, be sure to conduct a review of the exercise to find out what worked, what didn’t work, and identify changes to the plan.
In addition to plan exercising, it’s essential to have a maintenance process for all plans. This includes regularly scheduled plan reviews and exercises, updates to risk assessments and BIAs, and updates to technical data and emergency contact lists. To further ensure that plans as well as the overall program are functioning smoothly, annual audits are recommended. Work with internal and/or external auditors to make sure they understand how to audit DR plans.
Dig Deeper on Disaster Recovery Planning-Management
Related Q&A from Paul Kirvan
Business disaster recovery plans can identify opportunities for process improvement, and can be employed as reference documents for use in other new ...continue reading
An organization's cybersecurity work is often separate from its business continuity and disaster recovery. But BC/DR events and cybersecurity ...continue reading
Employee involvement in business continuity and disaster recovery planning starts with a business impact analysis. But participation in the rest of ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.