When a disaster strikes and takes down the IT systems that are essential to business operations, the CIO has a key role in ensuring a rapid recovery.
A disaster recovery plan (DRP) can help them get operations back on track. It documents the procedures required recover data, system functionality and IT infrastructure after an outage.
Read on for our tips on how to create a successful DRP.
Read next: GDPR tips for CIOs
April 10, 2018
1. What is a disaster recovery plan? Do I need one?
All businesses regardless of the size should have some sort of disaster recovery plan. In fact, small to medium-sized businesses are more likely to fall victim to ransomware attacks, over larger enterprises. As hackers tend to ask for a manageable sum of money, and they're more likely to pay to save their systems.
A disaster recovery plan (DRP) should explain how to prevent, detect and correct any IT disaster.
A good plan will consider multiple threats and their effects on every aspect of the business. These include staff, facilities, budgets, data, vendors, hardware.
It should also document the actions necessary to minimise the effects of any service interruption and restore critical applications, and include descriptions of the responsibilities of different staff members in any response.
4. Understand your vulnerabilities
Document the areas of potential vulnerabilities and the ways in which they could damage the organisation, from operating procedures to electrical power.
Identify the different types of setbacks that could strike them. Human error, natural disasters, power outages, cyber attacks, software issues and hardware failures all have the potential to wreak havoc.
Document the risk of each of these occurring, the impact that they can have and what will need to be recovered.
Risks include the cost of downtime, a loss of customers, reduced productivity, lost revenue, reputational damage and recovery costs.