Disaster Recovery Plan

The purpose of the disaster recovery plan is to have a detailed outline of what personnel, especially in an IT department, are suppose to do in a disastrous event in order to attempt the recovery of mission-critical information that is needed to maintain the business. This plan contains the exact steps and procedures necessary to accomplish all recovery that is possible. These steps are designed to keep a business in operation during the disaster and restoral period afterward.

Angela Devlen, a contributing writer to IT Management News, outlines 12 key elements that should be a part of every DRP in 12 Keys Elements of an Enterprise-Wide Disaster Recovery Plan (2003):

Regulatory Requirements | Some businesses may need to follow certain regulated guidelines as to how to back up specific material and where it can be backed up or recovered to. |

Strategies and Policy | To be endorsed by Senior Management, this section will contain the procedures that will need to take place and outline those policies that they follow. |

Asset Management | A description of the hardware that needs to be recovered. This will include server names, configurations, platforms and applications running on each server. |

Application Analysis | While gathering the known applications, it is necessary to also gather those applications that are tethered as well. Without these “hidden” applications, the primaries may not work after recovery |

Change Management | It should be noted when systems are updated, removed, or newly installed. This will prevent trying to recover old or non-existent software and applications, or forgetting the new ones. |

Business Impact Analysis | Impact of loss of data or applications that cannot or are not recovered should be annotated here for reference and how to fix the problem. |

Risk Assessment | With this RA outline, it will allow the IT personnel understand what risks the company or department faces with external (natural disasters) and internal...