Trial lock

This Research is for Members Only

Not a member? Unlock a free sample of our research now!

Already a member?

Sign in now

Infrastructure Operations icon

Create a Right-Sized Disaster Recovery Plan

Close the gap between your DR capabilities and service continuity requirements.

Unlock Sample Research

View Storyboard

Solution Set Storyboard Thumbnail

Contributors

  • Alan Byrum, Director of Business Continuity, Intellitech
  • Bernard Jones (MBCI, CBCP, CORP, ITILv3), Owner/Principal, BJones BCP Consulting, LLC
  • Paul Beaudry, Assistant Vice-President, Technical Services, MIS, Richardson International Limited
  • Yogi Schulz, President, Corvelle Consulting
  • Nicole Paredes, IT Manager, State Toll and Road Authority
  • Troy Clayton, Network Administrator, Aux Sable

Your Challenge

  • Any time a natural disaster or major IT outage occurs, it increases executive awareness and internal pressure to create a disaster recovery plan (DRP).
  • Traditional DRP templates are onerous and result in a lengthy, dense plan that might satisfy auditors but will not be effective in a crisis.
  • The myth that a DRP is only for major disasters leaves organizations vulnerable to more common incidents.
  • The growing use of outsourced infrastructure services has increased reliance on vendors to meet recovery timeline objectives.

Our Advice

Critical Insight

  • At its core, disaster recovery (DR) is about ensuring service continuity. Create a plan that can be leveraged for both isolated and catastrophic events.
  • Remember Murphy’s Law. Failure happens. Focus on improving overall resiliency and recovery, rather than basing DR on risk probability analysis.
  • Cost-effective DR and service continuity starts with identifying what is truly mission critical so you can focus resources accordingly. Not all services require fast failover.

Impact and Result

  • Define appropriate objectives for service downtime and data loss based on business impact.
  • Document an incident response plan that captures all of the steps from event detection to data center recovery.
  • Create a DR roadmap to close gaps between current DR capabilities and recovery objectives.

Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out about the persistent myths of DR planning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Define DRP scope, current status, and dependencies

Start with a good understanding of current state and system dependencies.

4. Complete, extend, and maintain your DRP

Identify and prioritize major initiatives to streamline recovery.

5. Appendix

The following tools and templates are also included as part of this blueprint to use as needed to supplement the core steps above:

Guided Implementations

This guided implementation is a ten call advisory process.

Guided Implementation #1 - Define DRP scope

Call #1 - Scope requirements, objectives, and your specific challenges.
Call #2 - Identify applications/systems to focus on first.

Guided Implementation #2 - Define current status and system dependencies

Call #1 - Assess current DRP maturity.
Call #2 - Identify system dependencies.

Guided Implementation #3 - Conduct a BIA

Call #1 - Create an impact scoring scale and conduct a BIA.
Call #2 - Identify RTO and RPO for each system.

Guided Implementation #4 - Recovery workflow

Call #1 - Create a recovery workflow based on tabletop planning.
Call #2 - Identify gaps in recovery capabilities.

Guided Implementation #5 - Projects and action items

Call #1 - Identify and prioritize improvements.
Call #2 - Summarize results and plan next steps.

Info-Tech Academy

Get Info-Tech Certified

Train your staff and develop a world-class IT team.

An active membership is required to access Info-Tech Academy

New to Info-Tech Academy? Learn more here

Disaster Recovery Planning

Close the gap between your DR capabilities and service continuity requirements.
This course makes up part of the Security & Risk Certificate.

Course information:

  • Title: Disaster Recovery Planning
  • Number of Course Modules: 4
  • Estimated Time to Complete: 2-2.5 hours
  • Featured Analysts:
  • Frank Trovato, Research Director, Infrastructure Practice
  • Eric Wright, SVP of Research and Advisory
  • Now Playing: Academy: Disaster Recovery Planning | Executive Brief

Onsite Workshop

Unlock Sample Research

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define Parameters for Your DRP

The Purpose

Identify key applications and dependencies based on business needs.

Key Benefits Achieved

Understand the entire IT “footprint” that needs to be recovered for key applications. 

Activities

Outputs

1.1

Assess current DR maturity.

  • Current challenges identified through a DRP Maturity Scorecard.
1.2

Determine critical business operations.

1.3

Identify key applications and dependencies.

  • Key applications and dependencies documented in the Business Impact Analysis (BIA) Tool.

Module 2: Determine the Desired Recovery Timeline

The Purpose

Quantify application criticality based on business impact.

Key Benefits Achieved

Appropriate recovery time and recovery point objectives defined (RTOs/RPOs).

Activities

Outputs

2.1

Define an objective scoring scale to indicate different levels of impact.

  • Business impact analysis scoring criteria defined.
2.2

Estimate the impact of downtime.

  • Application criticality validated.
2.3

Determine desired RTO/RPO targets for applications based on business impact.

  • RTOs/RPOs defined for applications and dependencies.

Module 3: Determine the Current Recovery Timeline and DR Gaps

The Purpose

Determine your baseline DR capabilities (your current state).

Key Benefits Achieved

Gaps between current and desired DR capability are quantified.

Activities

Outputs

3.1

Conduct a tabletop exercise to determine current recovery procedures.

  • Current achievable recovery timeline defined (i.e. the current state).
3.2

Identify gaps between current and desired capabilities.

  • RTO/RPO gaps identified.
3.3

Estimate likelihood and impact of failure of individual dependencies.

  • Critical single points of failure identified.

Module 4: Create a Project Roadmap to Close DR Gaps

The Purpose

Identify and prioritize projects to close DR gaps.

Key Benefits Achieved

DRP project roadmap defined that will reduce downtime and data loss to acceptable levels.

Activities

Outputs

4.1

Determine what projects are required to close the gap between current and desired DR capability.

  • Potential DR projects identified.
4.2

Prioritize projects based on cost, effort, and impact on RTO/RPO reduction.

  • DRP project roadmap defined.
4.3

Validate that the suggested projects will achieve the desired DR capability.

  • Desired-state incident response plan defined, and project roadmap validated.

Module 5: Establish a Framework for Documenting Your DRP, and Summarize Next Steps

The Purpose

  • Outline how to create concise, usable DRP documentation.
  • Summarize workshop results. 

Key Benefits Achieved

  • A realistic and practical approach to documenting your DRP.
  • Next steps documented. 

Activities

Outputs

5.1

Outline a strategy for using flowcharts and checklists to create concise, usable documentation.

  • Current-state and desired-state incident response plan flowcharts.
5.2

Review Info-Tech’s DRP templates for creating system recovery procedures and a DRP summary document.

  • Templates to create more detailed documentation where necessary.
5.3

Summarize the workshop results, including current potential downtime and action items to close gaps.

  • Executive communication deck that outlines current DR gaps, how to close those gaps, and recommended next steps.

Member Testimonials

Unlock Sample Research

After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.

Client

Experience

Impact

$ Saved

Days Saved

City Of Welland

Workshop

10/10

$25,000

20

Bush Brothers & Company

Guided Implementation

9/10

N/A

N/A

Children's Hospital Colorado

Guided Implementation

8/10

N/A

10

BF&M (Canada) Limited

Workshop

8/10

$100K

20

Sentinel Peak Resources

Guided Implementation

9/10

$11,912

5

DeNovo Energy Limited

Workshop

8/10

$13,236

35

Seneca Gaming Corporation

Workshop

8/10

$132K

20

Psac

Guided Implementation

10/10

N/A

90

Alabama Department of Law Enforcement

Workshop

10/10

$72,801

47

Episcopal Community Services

Guided Implementation

10/10

$2,647

120

Children's Hospital Colorado

Guided Implementation

9/10

$66,183

20

BC Transit

Guided Implementation

10/10

N/A

N/A

Cidel Bank & Trust

Guided Implementation

9/10

$2,647

5

Tonkin and Taylor Ltd

Guided Implementation

10/10

$17,207

16

GSW Manufacturing

Guided Implementation

9/10

$11,912

5

City of Colorado Springs

Guided Implementation

6/10

N/A

N/A

City Of Kawartha Lakes

Guided Implementation

10/10

$37,500

35

SUNY New Paltz

Guided Implementation

8/10

$10,589

16

Federal Signal-Corporation

Guided Implementation

10/10

$33,091

20

City Of Mesa

Guided Implementation

10/10

$52,946

32

Children's Hospital Colorado

Guided Implementation

9/10

N/A

55

Sagicor Group Jamaica

Workshop

9/10

$66,183

50

Great Clips Inc.

Guided Implementation

8/10

$66,183

20

Peterson American Corporation

Guided Implementation

8/10

N/A

N/A

SUNY New Paltz

Guided Implementation

9/10

$5,294

5

4Wall Entertainment

Workshop

10/10

$33,091

50

Unifrax

Guided Implementation

9/10

$33,091

110

Mohawk Medbuy Corporation

Guided Implementation

8/10

$1,800

2

General Dynamics Land Systems Inc.

Guided Implementation

10/10

$5,294

1

Fulton County Information Services

Guided Implementation

10/10

N/A

50