Disaster Recovery Plan Steps, Checklist & Processes

by Sarah Harvey / June 22nd, 2017

When Disaster Strikes, Will You be Prepared?

To ensure that operations remain up and running during hurricane, tornado, or rainy seasons, businesses must have a Disaster Recovery Plan that has been developed, tested, and is in place and known to all relevant parties. Hurricanes like Matthew and Sandy have devastated businesses over the last couple of years, and without a well-developed Disaster Recovery Plan, many businesses were left inoperable, damaging their revenue and reputation.

What is a Disaster Recovery Plan?

So, what is a Disaster Recovery Plan (DRP)? Disaster Recovery Plans define an organization’s processes for protecting and recovering its business in the event of a disaster, such as a hurricane, flood, tornado, power outage, etc. These documented sets of policies and procedures can be the lifeline of an organization following a disaster, and determine loss of operations, reputation, and revenue. How will your organization stay running in the event of a disaster? Where will employees continue to carry out their work duties? How will incident response be communicated throughout your organization? These are the types of questions you should ask yourself when preparing for a potential disaster.

3 Steps for an Effective Disaster Recovery Plan

When it comes time to develop your Disaster Recovery Plan, there are three main steps to be considered, including:

  • Business Impact Analysis: The first thing your organization should do when preparing your DRP is to conduct a Business Impact Analysis. This process will allow you to review existing business continuity capabilities by evaluating the risk to business process failures, identify critical and necessary business functions and their resource dependencies, estimate any financial and operational impacts of disruption and the required recovery timeframe for critical business functions, and to assess the effectiveness of any existing risk reduction measures.
  • Strategy Selection: Once you’ve identified and prioritized critical functions for business continuity, the next step in the process is to determine which recovery strategy to move forward with. Identify a range of specific recovery strategies that address interruptions of business processes, identify the computing resources that are required to recover the various distributed processing environments, and document alternative recovery strategies.
  • Disaster Recovery Plan Documentation: It’s time to create your physical plan for responding to a potential disaster. This plan should include the following:
  1. Emergency notification and disaster declaration procedures
  2. Recovery team procedures
  3. Facility and business restoration procedures
  4. DRP testing and maintenance cycles
  5. Appendices for master contact lists, equipment inventories, connectivity schematics, etc.

Once you’ve developed, tested, and disseminated your Disaster Recovery Plan, you can rest assured that you’ll be prepared if disaster strikes. For additional help on disaster recovery planning or for help with determining the effectiveness of your current Disaster Recovery Plan, contact us today.

More Disaster Recovery Resources

Business Continuity and Disaster Recovery Planning Checklist

Cloud Security: Business Continuity and Disaster Recovery Planning Checklist

What is Threat and Vulnerability?