Create a Right-Sized Disaster Recovery Plan

Close the gap between your DR capabilities and service continuity requirements.

Do not fill in this field

Enter no text in this field

Get Instant Access to this Blueprint

Full Name

Company

Phone

Job Title

Unlock This Blueprint

View Storyboard

Contributors

Alan Byrum, Director of Business Continuity, Intellitech
Bernard Jones (MBCI, CBCP, CORP, ITILv3), Owner/Principal, BJones BCP Consulting, LLC
Paul Beaudry, Assistant Vice-President, Technical Services, MIS, Richardson International Limited
Yogi Schulz, President, Corvelle Consulting
Nicole Paredes, IT Manager, State Toll and Road Authority
Troy Clayton, Network Administrator, Aux Sable

Your Challenge

Any time a natural disaster or major IT outage occurs, it increases executive awareness and internal pressure to create a disaster recovery plan (DRP).
Traditional DRP templates are onerous and result in a lengthy, dense plan that might satisfy auditors but will not be effective in a crisis.
The myth that a DRP is only for major disasters leaves organizations vulnerable to more common incidents.
The growing use of outsourced infrastructure services has increased reliance on vendors to meet recovery timeline objectives.

Our Advice

Critical Insight

At its core, disaster recovery (DR) is about ensuring service continuity. Create a plan that can be leveraged for both isolated and catastrophic events.
Remember Murphy’s Law. Failure happens. Focus on improving overall resiliency and recovery, rather than basing DR on risk probability analysis.
Cost-effective DR and service continuity starts with identifying what is truly mission critical so you can focus resources accordingly. Not all services require fast failover.

Impact and Result

Define appropriate objectives for service downtime and data loss based on business impact.
Document an incident response plan that captures all of the steps from event detection to data center recovery.
Create a DR roadmap to close gaps between current DR capabilities and recovery objectives.

Start here – read the Executive Brief

Read our concise Executive Brief to find out about the persistent myths of DR planning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Create a Right-Sized Disaster Recovery Plan – Executive Brief

1. Define DRP scope, current status, and dependencies

Start with a good understanding of current state and system dependencies.

2. Conduct a BIA to determine acceptable RTOs and RPOs

Set recovery objectives.

3. Identify and address gaps in the recovery workflow

Outline the recovery workflow and address risks and gaps.

4. Complete, extend, and maintain your DRP

Identify and prioritize major initiatives to streamline recovery.

5. Appendix

The following tools and templates are also included as part of this blueprint to use as needed to supplement the core steps above:

Guided Implementations

This guided implementation is a ten call advisory process.

Guided Implementation #1 - Define DRP scope

Call #1 - Scope requirements, objectives, and your specific challenges.

Call #2 - Identify applications/systems to focus on first.

Guided Implementation #2 - Define current status and system dependencies

Call #1 - Assess current DRP maturity.

Call #2 - Identify system dependencies.

Guided Implementation #3 - Conduct a BIA

Call #1 - Create an impact scoring scale and conduct a BIA.

Call #2 - Identify RTO and RPO for each system.

Guided Implementation #4 - Recovery workflow

Call #1 - Create a recovery workflow based on tabletop planning.

Call #2 - Identify gaps in recovery capabilities.

Guided Implementation #5 - Projects and action items

Call #1 - Identify and prioritize improvements.

Call #2 - Summarize results and plan next steps.

Info-Tech Academy

Get Info-Tech Certified

Train your staff and develop a world-class IT team.

An active membership is required to access Info-Tech Academy

New to Info-Tech Academy? Learn more here

Disaster Recovery Planning

Close the gap between your DR capabilities and service continuity requirements.
This course makes up part of the Security & Risk Certificate.

Course information:

Title: Disaster Recovery Planning
Number of Course Modules: 4
Estimated Time to Complete: 2-2.5 hours
Featured Analysts:
Frank Trovato, Research Director, Infrastructure Practice
Eric Wright, SVP of Research and Advisory
Now Playing: Academy: Disaster Recovery Planning | Executive Brief

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define Parameters for Your DRP

The Purpose

Identify key applications and dependencies based on business needs.

Key Benefits Achieved

Understand the entire IT “footprint” that needs to be recovered for key applications.

Activities

Outputs

1.1

Assess current DR maturity.

Current challenges identified through a DRP Maturity Scorecard.

1.2

Determine critical business operations.

1.3

Identify key applications and dependencies.

Key applications and dependencies documented in the Business Impact Analysis (BIA) Tool.

Module 2: Determine the Desired Recovery Timeline

The Purpose

Quantify application criticality based on business impact.

Key Benefits Achieved

Appropriate recovery time and recovery point objectives defined (RTOs/RPOs).

Activities

Outputs

2.1

Define an objective scoring scale to indicate different levels of impact.

Business impact analysis scoring criteria defined.

2.2

Estimate the impact of downtime.

Application criticality validated.

2.3

Determine desired RTO/RPO targets for applications based on business impact.

RTOs/RPOs defined for applications and dependencies.

Module 3: Determine the Current Recovery Timeline and DR Gaps

The Purpose

Determine your baseline DR capabilities (your current state).

Key Benefits Achieved

Gaps between current and desired DR capability are quantified.

Activities

Outputs

3.1

Conduct a tabletop exercise to determine current recovery procedures.

Current achievable recovery timeline defined (i.e. the current state).

3.2

Identify gaps between current and desired capabilities.

RTO/RPO gaps identified.

3.3

Estimate likelihood and impact of failure of individual dependencies.

Critical single points of failure identified.

Module 4: Create a Project Roadmap to Close DR Gaps

The Purpose

Identify and prioritize projects to close DR gaps.

Key Benefits Achieved

DRP project roadmap defined that will reduce downtime and data loss to acceptable levels.

Activities

Outputs

4.1

Determine what projects are required to close the gap between current and desired DR capability.

Potential DR projects identified.

4.2

Prioritize projects based on cost, effort, and impact on RTO/RPO reduction.

DRP project roadmap defined.

4.3

Validate that the suggested projects will achieve the desired DR capability.

Desired-state incident response plan defined, and project roadmap validated.

Module 5: Establish a Framework for Documenting Your DRP, and Summarize Next Steps

The Purpose

Outline how to create concise, usable DRP documentation.
Summarize workshop results.

Key Benefits Achieved

A realistic and practical approach to documenting your DRP.
Next steps documented.

Activities

Outputs

5.1

Outline a strategy for using flowcharts and checklists to create concise, usable documentation.

Current-state and desired-state incident response plan flowcharts.

5.2

Review Info-Tech’s DRP templates for creating system recovery procedures and a DRP summary document.

Templates to create more detailed documentation where necessary.

5.3

Summarize the workshop results, including current potential downtime and action items to close gaps.

Executive communication deck that outlines current DR gaps, how to close those gaps, and recommended next steps.

After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.

Client

Experience

Impact

$ Saved

Days Saved

Testimonial

City Of Welland

Workshop

10/10

$25,000

Frank and Jeremy were awesome. No worst parts - well, maybe looking at the large number of documents that resulted, but that's unavoidable. Clarification on the time, it's a complete guess. We were looking to have someone in to facilitate the plan, but have no real idea how long that process would take. Clarification on money, we were expecting $40.000 to $60,000 for the traditional approach, which would likely have cost us more in the future.

Bush Brothers & Company

Guided Implementation

9/10

N/A

It was obvious that our contact understands the topic very well and is able to focus on the important parts of the DR/Business Continuity challenge. The time we spent with him was extremely beneficial and we intend to continue to leverage his expertise. The templates and guides that Info-Tech has available are also very helpful.

Children's Hospital Colorado

Guided Implementation

8/10

N/A

BF&M (Canada) Limited

Workshop

8/10

$100K

Best: seeing the entire DR process as a group on a whiteboard Worst: Starting the process of methodically walking through the process as a team

Sentinel Peak Resources

Guided Implementation

9/10

$11,912

Really helped us stay focused on actionable milestones. This shortened the timeline and helped to ensure fuller coverage.

DeNovo Energy Limited

Workshop

8/10

$13,236

The workshop was excellent, Joe did a great job of leading the way and keeping us focused. The only thing that I think needed to be upgraded is the volume of material shared before sessions. While this was done well, I believe that more data needed to be shared to set a better context for persons within the room.

Seneca Gaming Corporation

Workshop

8/10

$132K

The table top exercise and the BIA were the best. There was no worst part.

Psac

Guided Implementation

10/10

N/A

The best part of my experience is the timely guidance of the knowledgeable adviser. Also, the project charter and BIA tool are very useful at the DRP Phase 1.

Alabama Department of Law Enforcement

Workshop

10/10

$72,801

Frank and Paul did an outstanding job guiding my very engaged team. The tools used allowed us to focus on specific tasks and not get overly consumed with the entire DR scenario. The workshop helped provide a path forward, but will require a significant time investment for my Agency to fill in the gaps. The worst part of this engagement is the Agency does not have an existing DR solution in place. Considering a follow up BC workshop to fill in the gaps once my team makes progress on the current findings. Overall, great workshop and the Info-Tech team did a great job facilitating and documenting the current state of operations.

Episcopal Community Services

Guided Implementation

10/10

$2,647

120

Best - The one on one guidance and Andrew was a great experience. Worst - N/A

Children's Hospital Colorado

Guided Implementation

9/10

$66,183

BC Transit

Guided Implementation

10/10

N/A

Cidel Bank & Trust

Guided Implementation

9/10

$2,647

It is hard to estimate how much money and time was saved but the templates and analysis tools are definitely useful and gives an excellent place to start and makes it easy to focus on what's important. Best of all, my analyst Andrew was there to guide and help along the way. Still more work to be done but this has been a great experience overall.

Tonkin and Taylor Ltd

Guided Implementation

10/10

$17,207

Frank was very piratical in helping me focus effort and meet deadlines. I had a lot of project work on so having regular meetings forced me to make progress - really appreciate Franks' patience and advice.

GSW Manufacturing

Guided Implementation

9/10

$11,912

Andrew brings a large amount of experience to the process and helps us understand the practical requirements quicker than we may on our own.

City of Colorado Springs

Guided Implementation

6/10

N/A

City Of Kawartha Lakes

Guided Implementation

10/10

$37,500

SUNY New Paltz

Guided Implementation

8/10

$10,589

Andrew is responsive, offers many helpful suggestions, and provides excellent feedback

Federal Signal-Corporation

Guided Implementation

10/10

$33,091

I am really uncertain as to how estimate time savings and the financial impact of your service so I guessed. That being said, we would not have gotten through this without the guidance and expertise of Andrew Sharp. His knowledge and experience were tremendous and he guided us through every step. We would not have made our deadlines without him. I applaud him for his patience and understanding throughout this project. I would recommend his (InfoTech) service to anyone who asks. Thanks. Jeff Bauhs

City Of Mesa

Guided Implementation

10/10

$52,946

No worst part. I am able to use the tool as a foundation for supplying multiple projects; 1. Initiate new BIA project, focus for system RTO/RPO, 2. Utilizing BIA project to ensure business COOP is valid, 3. Initiate formal SLA project and 4. Enhance current DR Plan and Procedures. Frank's knowledge, patience and presentation is excellent and effective to guiding me along this BIA project and tool. The numbers above are purely SWAG.

Children's Hospital Colorado

Guided Implementation

9/10

N/A

Frank Trovato's input has been very helpful. The tools and the process will help me to be more disciplined and focused as we get our program off the ground. The worst part of the experience is finding the time to commit to the process--I have many ongoing tasks and activities that compete for time, not too mention unplanned outages that keep happening and require follow up. But again, the discipline of this program helps with that.

Sagicor Group Jamaica

Workshop

9/10

$66,183

Best Part - The BIA session which helped the team quantify the impact to the organization of any unplanned system downtime Worst Part - Unable to identify any.

Great Clips Inc.

Guided Implementation

8/10

$66,183

I had to schedule a number of calls with Andrew due to conflicts, and Andrew was always accommodating. And on days when I wasn't fully prepared to work with Andrew, he made sure we always made progress.

Peterson American Corporation

Guided Implementation

8/10

N/A

SUNY New Paltz

Guided Implementation

9/10

$5,294

Andrew is very easy to work with and knowledgeable on the topics

4Wall Entertainment

Workshop

10/10

$33,091

This was a great workshop, ton's of added value and well worth the time and effort to complete. InfoTech Research Group has once again set the bar high and ultimately has made me look like a hero to both management and the IT internal teams.

Unifrax

Guided Implementation

9/10

$33,091

110

Best - Step by step method and seeing the tool take shape (provide results). Worst - feeling bad that I have problems keeping up but Andrew helps on the catching up side very well :-)

Mohawk Medbuy Corporation

Guided Implementation

8/10

$1,800

We are not finished yet so the scores above may slide forward. The best part so far is the practical and experienced advice from Darin Stahl on creating a realistic and useable DRP. Worst experience is a lot of paper work for IT people to get through.

General Dynamics Land Systems Inc.

Guided Implementation

10/10

$5,294

Discussion helped to confirm we are headed in the right direction with our composition of a revamped IT Disaster Recovery Plan document.

Fulton County Information Services

Guided Implementation

10/10

N/A