An unresolved IT disaster can be devastating for any business or organization. Whether caused by a technical failing, targeted attack, employee error or as the result of a natural disaster, steps must be in place to recognize the problem and act upon it swiftly and decisively. But how is it possible to know when to implement a disaster recovery plan? When does a company start their IT disaster recovery process? Fortunately, proper planning can allow these questions to be answered and allow the ensuing processes to kick in quickly and function smoothly. When certain criteria are met, a clear, well laid out plan is implemented to get the affected systems back to normal operating standards.
Implementing an IT disaster recovery process (DRP) requires an activation plan. This covers a wide range of steps that begin with identifying the disaster and end with IT systems that are back up and running normally again. Here we’ve broken down the activation plan into smaller actionable steps:
First of all, it’s important to understand whether the DRP needs to be activated at all. By identifying a series of qualifying events it’s possible to create a set of activation guidelines that will help determine when the DRP needs to be implemented.
There needs to be a precise definition of the types of events that will activate the DRP, how those events are to be assessed and who will be doing those assessments. An authorized person or team needs to be in place to receive the results of the assessment and activate the DRP (or not) according to those results. Once the decision to activate the DRP has been made, that decision needs to be communicated to all the relevant parties.
To ensure the DRP is activated appropriately and in a timely and orderly manner according to the activation guidelines, there needs to be an overall plan of action that covers each step involved. This means having in place a list of activation criteria that includes:
The procedures and criteria used to assess whether a disaster has occurred or not.
The specific conditions that need to occur before the DRP is activated. This should include both quantifying and qualifying the category, magnitude, significance and extent of the conditions.
An approval process overseen by authorized personnel who interpret the disaster assessment procedures and ultimately implement the activation of the DRP, if necessary.
Procedures and personnel in place to ensure the appropriate resources are available for the activation and implementation of the DRP.
A communication plan to ensure all members of the DRP team, as well as associated and affected partners, are kept informed about the actions being taken and their eventual results.
Very often with IT DRPs, timeliness is key. Once all the criteria have been met to activate the DRP, it’s imperative that it occurs immediately and without uncertainty. The time for examination and analysis is during the assessment process, not after the decision has been made to act. Everyone involved will have a role to play and will need to execute their roles as they were originally planned.
Overall, DRP activation can be broken down into four key components: the disaster is recognized and responded to, the DRP is activated, operations are restored and finally, the DRP is assessed, evaluated and improved for future use.
To ensure that your business has a proper disaster recovery plan in place and that unexpected downtime doesn’t mean lost revenue, get a free assessment from MBC today.