What is a disaster recovery plan?

2014 was the year UK organisations realised their DR strategy was putting their business at risk. 2015 is the year they do something about it.

But for disaster recovery planning to be effective, we have to really understand what it is and why we need it.

What is a DR plan?

First things first: a Business Continuity Plan (BCP) is not a disaster recovery plan, and vice versa. You need both. A BCP sets out how the entire business will respond to and recover from any unexpected incident and get back to business as usual, as fast as possible. It will also include how you maintain "continuity" for your customers.

The BCP will include a Business Impact Analysis (BIA). The BIA identifies the financial and operational costs caused by disruption to the organisation. These costs can include anything from loss of profits, to the cost of new equipment to the cost of marketing after the disaster. It should consist of two parts: an analysis of business functions and the impact disruption would have on the business, and a plan for how to minimise it.

A DR plan is a sub-set of the wider Business Continuity Plan, and details the procedures for the organisation's IT infrastructure specifically. It is a comprehensive, step-by-step plan and should include call lists with contact details for your employees, key emergency contacts (who are available 24 hours a day) and any third party suppliers. There should be a nominated manager of the communication list to confirm that the correct calls are actually being made and that there is no confusion up or down the chain.

To ensure your recovery can be completed as quickly as possible, a good disaster recovery plan includes an up to date and detailed network diagram. This should be a diagram of the entire network and every aspect should be clearly identified.

An application list that details every system within every function that would be affected by IT downtime will also feature in the DR plan. Each item should be allocated an owner, including their contact details, and should be given a priority rating for restoration. Some functions you could live without for a day, while others you'll need back as soon as possible – it's important to make that distinction in order to spend your time wisely. You can use the findings from your BIA to inform this section.

Why do you need a DR plan?

As technology plays more of a vital role in our organisations, uptime becomes more important. Could your business survive one hour of downtime? Probably. 4 hours? Sure, maybe. How about 24 hours?

Most business functions are now at least partly dependent on IT. The sophistication of technology today means that customers have higher expectations than ever before as to how their product or services should perform. Your cost of downtime doesn't just include the profit you lose while you're offline, or the salaries you're paying despite operations being halted – the cost of reputational damage can extend much, much further.

Any business that has experienced IT downtime will tell you that when the clock starts ticking, every second counts: being able to recover quickly could be the difference between an organisations survival and end. Every minute that you're not fully operational is a minute you're losing money.

We created the Cost of Downtime Calculator to allow organisations to work out what a disaster would cost them. You can calculate how much it would cost you per hour, per department or per IT function. Using these figures you can accurately work out how long you could afford to be offline for and the right RTO (Recovery Time Objective) for your business. There isn't one right answer. Your business may have a very high cost of downtime per hour but relatively low risk of downtime or vice-versa. This is a decision that should be made by the business, and by the owner of the BCP.

How do you write a DR plan?

Your DR plan should be your go-to document in the event of a disaster. Every member of your team needs to understand their role in the recovery process, in order to get back to business in the time your organisation deemed acceptable.

Once you've established the recovery deadline you're working towards, you need to know how you're going to get there and who should be doing what. Use this DR Responsibilities Wall Chart as an example of typical roles and responsibilities so your team can see what they are responsible for, and who they should be reporting to.

To create your more detailed plan, you can use something like this DR Runbook. This should cover the IT specifics - every procedure and process to follow in a DR situation: key contacts, who should be calling who, details on your recovery locations, event logs, etc. You just fill in all the details specific to your organisation.

It's important to remember that writing a disaster recovery plan is not a one-time deal. It's a working document that needs to be constantly updated as and when any changes occur within the organisation that might affect your team's ability to recover. A three year old DR Plan that refers to long-retired employees and systems won't be helpful to the recently hired junior admin who has to use it when the office has flooded.

Contact us:

UK

Call free within the UK
0800 033 6633

Overseas

Outside the UK?
+44 (0)203 1771 910

General Enquires

contact@databarracks.com

Support

support@databarracks.com

Sales

sales@databarracks.com

Accounts

accounts@databarracks.com

Careers

recruitment@databarracks.com

Marketing

marketing@databarracks.com

Follow us:

LinkedIn
Twitter

Visit us:

Address:

Databarracks Ltd
1 Bridges Court
London
SW11 3BB

Get in touch:

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

This website uses cookies. To find out more, read our Cookies policy. By continuing to use the site, you consent to our use of cookies.