View Storyboard

Contributors
- Alan Byrum, Director of Business Continuity, Intellitech
- Bernard Jones (MBCI, CBCP, CORP, ITILv3), Owner/Principal, BJones BCP Consulting, LLC
- Paul Beaudry, Assistant Vice-President, Technical Services, MIS, Richardson International Limited
- Yogi Schulz, President, Corvelle Consulting
- Nicole Paredes, IT Manager, State Toll and Road Authority
- Troy Clayton, Network Administrator, Aux Sable
Your Challenge
- Any time a natural disaster or major IT outage occurs, it increases executive awareness and internal pressure to create a disaster recovery plan (DRP).
- Traditional DRP templates are onerous and result in a lengthy, dense plan that might satisfy auditors but will not be effective in a crisis.
- The myth that a DRP is only for major disasters leaves organizations vulnerable to more common incidents.
- The growing use of outsourced infrastructure services has increased reliance on vendors to meet recovery timeline objectives.
Our Advice
Critical Insight
- At its core, disaster recovery (DR) is about ensuring service continuity. Create a plan that can be leveraged for both isolated and catastrophic events.
- Remember Murphy’s Law. Failure happens. Focus on improving overall resiliency and recovery, rather than basing DR on risk probability analysis.
- Cost-effective DR and service continuity starts with identifying what is truly mission critical so you can focus resources accordingly. Not all services require fast failover.
Impact and Result
- Define appropriate objectives for service downtime and data loss based on business impact.
- Document an incident response plan that captures all of the steps from event detection to data center recovery.
- Create a DR roadmap to close gaps between current DR capabilities and recovery objectives.
Guided Implementations
This guided implementation is a ten call advisory process.
Guided Implementation #1 - Define DRP scope
Call #1 - Scope requirements, objectives, and your specific challenges.
Call #2 - Identify applications/systems to focus on first.
Guided Implementation #2 - Define current status and system dependencies
Call #1 - Assess current DRP maturity.
Call #2 - Identify system dependencies.
Guided Implementation #3 - Conduct a BIA
Call #1 - Create an impact scoring scale and conduct a BIA.
Call #2 - Identify RTO and RPO for each system.
Guided Implementation #4 - Recovery workflow
Call #1 - Create a recovery workflow based on tabletop planning.
Call #2 - Identify gaps in recovery capabilities.
Guided Implementation #5 - Projects and action items
Call #1 - Identify and prioritize improvements.
Call #2 - Summarize results and plan next steps.

Info-Tech Academy
Get Info-Tech Certified
Train your staff and develop a world-class IT team.
An active membership is required to access Info-Tech AcademyNew to Info-Tech Academy? Learn more here
Disaster Recovery Planning
Close the gap between your DR capabilities and service continuity requirements.
This course makes up part of the Security & Risk Certificate.
Course information:
- Title: Disaster Recovery Planning
- Number of Course Modules: 4
- Estimated Time to Complete: 2-2.5 hours
- Featured Analysts:
- Frank Trovato, Research Director, Infrastructure Practice
- Eric Wright, SVP of Research and Advisory
- Now Playing: Academy: Disaster Recovery Planning | Executive Brief
Book Your Workshop
Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Define Parameters for Your DRP
The Purpose
Identify key applications and dependencies based on business needs.
Key Benefits Achieved
Understand the entire IT “footprint” that needs to be recovered for key applications.
Activities
Outputs
Assess current DR maturity.
- Current challenges identified through a DRP Maturity Scorecard.
Determine critical business operations.
Identify key applications and dependencies.
- Key applications and dependencies documented in the Business Impact Analysis (BIA) Tool.
Module 2: Determine the Desired Recovery Timeline
The Purpose
Quantify application criticality based on business impact.
Key Benefits Achieved
Appropriate recovery time and recovery point objectives defined (RTOs/RPOs).
Activities
Outputs
Define an objective scoring scale to indicate different levels of impact.
- Business impact analysis scoring criteria defined.
Estimate the impact of downtime.
- Application criticality validated.
Determine desired RTO/RPO targets for applications based on business impact.
- RTOs/RPOs defined for applications and dependencies.
Module 3: Determine the Current Recovery Timeline and DR Gaps
The Purpose
Determine your baseline DR capabilities (your current state).
Key Benefits Achieved
Gaps between current and desired DR capability are quantified.
Activities
Outputs
Conduct a tabletop exercise to determine current recovery procedures.
- Current achievable recovery timeline defined (i.e. the current state).
Identify gaps between current and desired capabilities.
- RTO/RPO gaps identified.
Estimate likelihood and impact of failure of individual dependencies.
- Critical single points of failure identified.
Module 4: Create a Project Roadmap to Close DR Gaps
The Purpose
Identify and prioritize projects to close DR gaps.
Key Benefits Achieved
DRP project roadmap defined that will reduce downtime and data loss to acceptable levels.
Activities
Outputs
Determine what projects are required to close the gap between current and desired DR capability.
- Potential DR projects identified.
Prioritize projects based on cost, effort, and impact on RTO/RPO reduction.
- DRP project roadmap defined.
Validate that the suggested projects will achieve the desired DR capability.
- Desired-state incident response plan defined, and project roadmap validated.
Module 5: Establish a Framework for Documenting Your DRP, and Summarize Next Steps
The Purpose
- Outline how to create concise, usable DRP documentation.
- Summarize workshop results.
Key Benefits Achieved
- A realistic and practical approach to documenting your DRP.
- Next steps documented.
Activities
Outputs
Outline a strategy for using flowcharts and checklists to create concise, usable documentation.
- Current-state and desired-state incident response plan flowcharts.
Review Info-Tech’s DRP templates for creating system recovery procedures and a DRP summary document.
- Templates to create more detailed documentation where necessary.
Summarize the workshop results, including current potential downtime and action items to close gaps.
- Executive communication deck that outlines current DR gaps, how to close those gaps, and recommended next steps.
After each Info-Tech experience, we ask our members to quantify the real time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this Blueprint, and what our clients have to say.
Client
Experience
Impact
$ Saved
Days Saved
Grinnell College
Guided Implementation
10/10
$1,528
7
CenCal Health
Guided Implementation
10/10
N/A
120
Symcor Inc.
Guided Implementation
8/10
N/A
5
18th Circuit Florida Courts
Guided Implementation
10/10
N/A
N/A
Sonoma Water
Guided Implementation
9/10
N/A
10
Catholic Health System
Guided Implementation
10/10
$25,000
20
County Of Hawaii
Workshop
8/10
$127K
50
Capital Regional District
Workshop
10/10
$19,000
20
Cross Country Mortgage, Inc.
Guided Implementation
10/10
$31,833
20
City Of Issaquah
Guided Implementation
10/10
$127K
120
AJIL Financial Services Company
Guided Implementation
10/10
$25,000
50
McGill University
Guided Implementation
10/10
$27,500
5
City Of Mesa
Guided Implementation
10/10
$63,667
50
City Of Issaquah
Guided Implementation
10/10
$20,373
90
Arkansas Department of Transportation
Guided Implementation
10/10
$60,484
47
Regional Sanitation & Sacramento Area Sewer District
Workshop
10/10
$20,373
20
Dart Enterprises Ltd.
Guided Implementation
9/10
N/A
N/A
Children's Hospital Colorado
Guided Implementation
9/10
$12,733
5
Maryland State Highway Administration
Guided Implementation
10/10
$60,484
10
Ucla Anderson School of Management
Guided Implementation
10/10
$16,553
20
Granite State Management & Resources
Guided Implementation
9/10
N/A
N/A
Office of the Attorney General
Guided Implementation
9/10
$31,833
20
CenCal Health
Guided Implementation
10/10
N/A
50
GSW Manufacturing
Guided Implementation
8/10
$2,419
10
RJRGLEANER Communications Group
Guided Implementation
9/10
$47,500
50
Aldridge Electric
Guided Implementation
10/10
$12,733
10
Grinnell College
Guided Implementation
10/10
$1,273
10
ArcBest Technologies
Guided Implementation
9/10
N/A
20
City of Bradenton, FL
Workshop
10/10
$75,000
44
Aldridge Electric
Guided Implementation
10/10
$12,733
20