Create a Right-Sized Disaster Recovery Plan

Close the gap between your DR capabilities and service continuity requirements.

Do not fill in this field

Enter no text in this field

Get Instant Access
to this Blueprint

Business Email

Full Name

Company

Phone

Job Title

Contributors

Alan Byrum, Director of Business Continuity, Intellitech
Bernard Jones (MBCI, CBCP, CORP, ITILv3), Owner/Principal, BJones BCP Consulting, LLC
Paul Beaudry, Assistant Vice-President, Technical Services, MIS, Richardson International Limited
Yogi Schulz, President, Corvelle Consulting
Nicole Paredes, IT Manager, State Toll and Road Authority
Troy Clayton, Network Administrator, Aux Sable

Any time a natural disaster or major IT outage occurs, it increases executive awareness and internal pressure to create a disaster recovery plan (DRP).
Traditional DRP templates are onerous and result in a lengthy, dense plan that might satisfy auditors but will not be effective in a crisis.
The myth that a DRP is only for major disasters leaves organizations vulnerable to more common incidents.
The growing use of outsourced infrastructure services has increased reliance on vendors to meet recovery timeline objectives.

Our Advice

Critical Insight

At its core, disaster recovery (DR) is about ensuring service continuity. Create a plan that can be leveraged for both isolated and catastrophic events.
Remember Murphy’s Law. Failure happens. Focus on improving overall resiliency and recovery, rather than basing DR on risk probability analysis.
Cost-effective DR and service continuity starts with identifying what is truly mission critical so you can focus resources accordingly. Not all services require fast failover.

Impact and Result

Define appropriate objectives for service downtime and data loss based on business impact.
Document an incident response plan that captures all of the steps from event detection to data center recovery.
Create a DR roadmap to close gaps between current DR capabilities and recovery objectives.

Start here – read the Executive Brief

Read our concise Executive Brief to find out about the persistent myths of DR planning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Create a Right-Sized Disaster Recovery Plan – Executive Brief

1. Define DRP scope, current status, and dependencies

Start with a good understanding of current state and system dependencies.

2. Conduct a BIA to determine acceptable RTOs and RPOs

Set recovery objectives.

3. Identify and address gaps in the recovery workflow

Outline the recovery workflow and address risks and gaps.

4. Complete, extend, and maintain your DRP

Identify and prioritize major initiatives to streamline recovery.

5. Appendix

The following tools and templates are also included as part of this blueprint to use as needed to supplement the core steps above:

Guided Implementations

This guided implementation is a ten call advisory process.

Guided Implementation #1 - Define DRP scope

Call #1 - Scope requirements, objectives, and your specific challenges.

Call #2 - Identify applications/systems to focus on first.

Guided Implementation #2 - Define current status and system dependencies

Call #1 - Assess current DRP maturity.

Call #2 - Identify system dependencies.

Guided Implementation #3 - Conduct a BIA

Call #1 - Create an impact scoring scale and conduct a BIA.

Call #2 - Identify RTO and RPO for each system.

Guided Implementation #4 - Recovery workflow

Call #1 - Create a recovery workflow based on tabletop planning.

Call #2 - Identify gaps in recovery capabilities.

Guided Implementation #5 - Projects and action items

Call #1 - Identify and prioritize improvements.

Call #2 - Summarize results and plan next steps.

Info-Tech Academy

Get Info-Tech Certified

Train your staff and develop a world-class IT team.

An active membership is required to access Info-Tech Academy

New to Info-Tech Academy? Learn more here

Disaster Recovery Planning

Close the gap between your DR capabilities and service continuity requirements.
This course makes up part of the Security & Risk Certificate.

Course information:

Title: Disaster Recovery Planning
Number of Course Modules: 4
Estimated Time to Complete: 2-2.5 hours
Featured Analysts:
Frank Trovato, Research Director, Infrastructure Practice
Eric Wright, SVP of Research and Advisory
Now Playing: Academy: Disaster Recovery Planning | Executive Brief

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define Parameters for Your DRP

The Purpose

Identify key applications and dependencies based on business needs.

Key Benefits Achieved

Understand the entire IT “footprint” that needs to be recovered for key applications.

Activities

Outputs

1.1

Assess current DR maturity.

Current challenges identified through a DRP Maturity Scorecard.

1.2

Determine critical business operations.

1.3

Identify key applications and dependencies.

Key applications and dependencies documented in the Business Impact Analysis (BIA) Tool.

Module 2: Determine the Desired Recovery Timeline

The Purpose

Quantify application criticality based on business impact.

Key Benefits Achieved

Appropriate recovery time and recovery point objectives defined (RTOs/RPOs).

Activities

Outputs

2.1

Define an objective scoring scale to indicate different levels of impact.

Business impact analysis scoring criteria defined.

2.2

Estimate the impact of downtime.

Application criticality validated.

2.3

Determine desired RTO/RPO targets for applications based on business impact.

RTOs/RPOs defined for applications and dependencies.

Module 3: Determine the Current Recovery Timeline and DR Gaps

The Purpose

Determine your baseline DR capabilities (your current state).

Key Benefits Achieved

Gaps between current and desired DR capability are quantified.

Activities

Outputs

3.1

Conduct a tabletop exercise to determine current recovery procedures.

Current achievable recovery timeline defined (i.e. the current state).

3.2

Identify gaps between current and desired capabilities.

RTO/RPO gaps identified.

3.3

Estimate likelihood and impact of failure of individual dependencies.

Critical single points of failure identified.

Module 4: Create a Project Roadmap to Close DR Gaps

The Purpose

Identify and prioritize projects to close DR gaps.

Key Benefits Achieved

DRP project roadmap defined that will reduce downtime and data loss to acceptable levels.

Activities

Outputs

4.1

Determine what projects are required to close the gap between current and desired DR capability.

Potential DR projects identified.

4.2

Prioritize projects based on cost, effort, and impact on RTO/RPO reduction.

DRP project roadmap defined.

4.3

Validate that the suggested projects will achieve the desired DR capability.

Desired-state incident response plan defined, and project roadmap validated.

Module 5: Establish a Framework for Documenting Your DRP, and Summarize Next Steps

The Purpose

Outline how to create concise, usable DRP documentation.
Summarize workshop results.

Key Benefits Achieved

A realistic and practical approach to documenting your DRP.
Next steps documented.

Activities

Outputs

5.1

Outline a strategy for using flowcharts and checklists to create concise, usable documentation.

Current-state and desired-state incident response plan flowcharts.

5.2

Review Info-Tech’s DRP templates for creating system recovery procedures and a DRP summary document.

Templates to create more detailed documentation where necessary.

5.3

Summarize the workshop results, including current potential downtime and action items to close gaps.

Executive communication deck that outlines current DR gaps, how to close those gaps, and recommended next steps.

After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.

Client

Experience

Impact

$ Saved

Days Saved

Testimonial

City Of Mesa

Guided Implementation

10/10

$25,752

Tools are fairly easy to use and effective. Frank is extremely knowledgeable, effective communicator and patient to convey the ideas and processes to assist in moving this project forward.

Great Lakes Water Authority

Guided Implementation

10/10

$2,512

Darin is very knowledgeable and takes a rational approach to DR Planning. He is able to keep the group focused on getting to a reasonable starting point as opposed to going down rabbit holes chasing after perfection.

City Of Fort Collins

Guided Implementation

8/10

$11,305

Having a strict process and methodology to be guided through is best. Worst is running out of time and not getting my action items done.

Grinnell College

Guided Implementation

10/10

$11,305

Working with Andrew has been a great experience. Very knowledgeable, very professional. I hope you're taking care of him :)

Toronto District School Board

Guided Implementation

10/10

N/A

Andrew is very knowledgeable and flexible, and we look forward to working with him!

Platte River Power Authority

Workshop

10/10

$12,562

As always with InfoTech workshops, it saved us weeks of work on our part, creating deliverables that would have taken us weeks to develop ourselves. Frank did a great job of keeping the workshop moving forward, making adjustments on the fly as we encoun...

Eswatini Railway

Guided Implementation

9/10

$32,245

The analyst from Infotech was able to outline steps to develop a DRP for one of our business units from the information provided in the call and in the process used a relevant example to meeting participants which demonstrated that the Infotech DR Fram...

Alabama Department of Environmental Management

Workshop

10/10

N/A

It is hard to even measure the impact and cost of not having a disaster recovery plan. Yet it is critical in our agencies mission and in order to meet EPA rules and mandates.

Sci-Bono Discovery Centre

Guided Implementation

10/10

$50,000

120

Working through the tools with an experienced and knowledgeable analyst. Andrew is able to break down complex areas of the tool to smaller manageable areas and is able to guide you through the completion providing valuable insights at every step, showing...

BlueScope Buildings

Guided Implementation

9/10

$29,520

the discussion was great. I can't exactly quantify the savings or monetary impact, but this is a huge help and we have many people dedicated to this project.

Bay Cove Human Services Inc.

Workshop

10/10

$31,405

Sumit delivered previous workshops and knew our business. This was extremely helpful in completing the disaster recovery workshop to our satisfaction. We really enjoyed working with him. He kept the work shop productive and moving forward.

Catholic Health System

Guided Implementation

10/10

$25,000

Working with Andrew Sharp has been an amazing experience. He is extremely knowledgeable and easy to work with. He takes the time to listen and understand how the InfoTech process can help support Catholic Health. During the Tabletop Exercise that he rece...

Grinnell College

Guided Implementation

9/10

$2,512

Andrew continues to be very helpful and I enjoy working with him.

CenCal Health

Guided Implementation

10/10

N/A

120

Worst experience - gaining buy-in and adoption of the process by team members. They finally started seeing the big picture towards the end, but our team members are new to project management, documentation, etc. So that isn't a fault of InfoTech. Be...

Symcor Inc.

Guided Implementation

8/10

N/A

I appreciate having dedicated time to brainstorm ideas and ask questions from the expert in the field who is able to provide different insight into the challenges we are facing. On multiple occasion Andrew was able to provide some research or material I...

18th Circuit Florida Courts

Guided Implementation

10/10

N/A

Sonoma Water

Guided Implementation

9/10

N/A

Catholic Health System

Guided Implementation

10/10

$25,000

The time and cost savings listed above are just estimates, but I believe the work we are doing with InfoTech will potentially save us around 4 weeks of time/work and cost savings of ~$25,000 from man hours as well as planning and testing for DR to be bet...

County Of Hawaii

Workshop

8/10

$125K

The best part was going through the BIA and with the different business groups - Finance, The Mayor's Office, Fire, and DIT. The conversations were exceptionally revealing and gave us amazing clarity as to how to prioritize systems and applications. Ve...

Capital Regional District

Workshop

10/10

$19,000

Frank was excellent, as always.

Cross Country Mortgage, Inc.

Guided Implementation

10/10

$31,405

The tools in the DRP blueprint look very useful and practical. Darin did a great job going through the process with our team.

City Of Issaquah

Guided Implementation

10/10

$127K

120

Great work by Andrew Sharp has made this process fruitful and fun at the same time.

AJIL Financial Services Company

Guided Implementation

10/10

$25,000

The exercise was extremely helpful, we finished it in record time compared if we did it on our own. The service provided exceeded our expectations and the delivabals were of excellent quality.

McGill University

Guided Implementation

10/10

$27,500

City Of Mesa

Guided Implementation

10/10

$62,810

Franks patients and knowledge keeps this project in line and accomplishing milestones of very significance to the BIA scope of the project. Great person to work with.

City Of Issaquah

Guided Implementation

10/10

$20,387

Andrew Sharp has been a great mentor during the whole process, I do appreciate all the help he has been offering!!

Arkansas Department of Transportation

Guided Implementation

10/10

$60,525

Regional Sanitation & Sacramento Area Sewer District

Workshop

10/10

$20,373

Joe was able to get and keep everyone engaged...for 4 days! The deliverables were presented in an exec-meeting the day after receiving them; they were good-to-go! We had done some last-minute pre-planning (i.e., discussing when non-IT execs should be involved) which should have been done earlier. Since we cut it close, many of them were unable to attend.

Dart Enterprises Ltd.

Guided Implementation

9/10

N/A

The walk-thru of the tool and interaction with Andrew along with the many insights he provides are valuable inputs to some key discussions that are currently ongoing.

Children's Hospital Colorado

Guided Implementation

9/10

$12,776

The discussion of strategies for approaching updates to the pandemic plan on the basis of the current/recent experience was extremely helpful and motivating. Thanks for that.