Every year, multiple surveys find that many organizations do not feel confident in their own DR plans. In 2013, it's time to stop procrastinating. Whether you've been putting off disaster recovery and contingency planning entirely or just haven't kept your DR plan up to date, your organization could be vulnerable to data loss. Or maybe it's not procrastination. Time and time again, we hear that one of the biggest roadblocks to getting DR off the ground is justifying its cost to senior management.
Whatever the reason, if you aren't confident in your organization's ability to restore operations following an outage, this collection of templates, articles and videos can help quell your DR uncertainty. Don't wait until you lose important data to do something about DR. Get started now.
Getting management on board
DR doesn't have to break the bank, but depending on your organization's recovery needs, it can come with a significant investment. Frequently, these costs can be hard to justify. Many have likened DR planning to purchasing insurance, because it requires ongoing investment in something that you may never need to use.
According to Jon Toigo, head of Toigo Partners International, "You need to present a business case for disaster recovery. Risk reduction is not a very efficient way to justify a costly project like disaster recovery." Toigo advises IT pros to look beyond risk reduction and consider cost containment and improved productivity as benefits of disaster recovery and contingency planning.
Check out "Selling management on the importance of DR planning" for more information on how you can make a pitch for DR that management can get behind.
Conducting a risk assessment
Risk assessment is often the first step for DR and contingency planning -- taking an inventory of possible risks to operations. The risk analysis involves risk identification, assessing the likelihood of the event occurring and defining the severity of the event's consequences. Risks could be anything from a power outage or hardware failure to a tornado or flood.
In this guide on risk assessments in disaster recovery planning, learn how to get started with a risk assessment, how to prepare a risk assessment, and natural versus manmade hazards in the risk assessment process. Read the guide and then download our free risk assessment template.
Conducting a BIA
Conducting a business impact analysis is another key step for any DR and contingency plan. A BIA evaluates mission-critical business functions, and identifies and quantifies the impact a loss of those functions (e.g., operational, financial) would have on the organization.
Our business impact analysis template and guide is a helpful resource for your planning needs.
Building a DR plan
A disaster recovery plan provides a structured approach for responding to unplanned incidents. DR plans provide step-by-step procedures for recovering disrupted systems and networks to resume normal operations. The plan identifies critical IT systems and networks, prioritizes recovery time objectives and outlines the steps needed to restart, reconfigure and recover.
That, of course, is easier said than done. It helps to have some guidelines, and many find that having a template to work from is invaluable. Our free IT DR planning template and guide can help structure your planning efforts.
Tailor DR to your business's needs
The templates above are a helpful resource, but downloading a template is not the answer to your DR woes. Use the templates as a jumping-off point for your own research and planning. The most important thing to remember when it comes to DR planning is to make sure the plan is tailored to your specific needs.
"Disasters are relative and contextual. I could take one application down for a week and no one would [notice]," said Toigo. "I could take another application down for a minute and my phone is ringing off the hook. It's different for every company."
Check out "Make your DR/BC planning fit your organization's needs" for Toigo's advice on how to be sure your DR plan truly addresses business needs.
This was first published in January 2013