No one wants to experience an IT disaster – the loss of critical files, network outage, or hardware failure. However, these risks can be mitigated with appropriate preparation through Disaster Recovery planning. As IT is woven into every business, it’s crucial to include an IT portion in any DR plan(Disaster Recovery Plan). In this blog, we’ll discuss five important things you need to know about IT disaster recovery to keep your business running smoothly.
1. The purpose of an IT DR plan
Is to help the company recover as quickly and effectively as possible from an unforeseen IT disaster or emergency. Such an emergency would interrupt information systems and business operations. The plan should ensure that:
- All employees fully understand their duties in implementing the DR plan. This means that the appropriate portions of the plan should be discussed with employees and tested.
- Proposed contingency arrangements are cost-effective. This is where planning and preparation can really save you lots of money if you encounter an IT disaster.
- Disaster recovery capabilities as applicable to key vendors and service providers. Your disaster recovery is only as good as those you rely on to provide equipment, services, etc.
2. Who should write the DR plan?
DR planning for IT requires preliminary study and thorough understanding of the company business model and IT infrastructure. Ideally, the IT DR planning would be done by your own IT department or an IT consultant who has done previous work for you. Having someone who is new to your environment write and test your IT DR plan may drive up your costs, or leave you with a DR plan that is disconnected from reality.
3. What should the DR plan include?
It is easy to get carried away and write a document of such volume that will never be read by anyone (except the author). Needless to say, the size and content of DR documents for SMEs and large enterprises will differ, as the size and complexity of their IT infrastructure is also very different. Here is a brief list of the content sections that SMEs should include in their DR plan.
- A policy statement that establishes the business requirements for the IT DR plan. Typically, a business would have a statement on IT DR requirements in its policies.
- Key personnel and vendors contact information. This information will be priceless if an IT disaster is encountered.
- A clearly defined DR team that outlines responsibilities for each team member, as well as a calling tree so that each team member know who they are responsible to contact and all team members and staff are notified of the incident.
- An overview of the IT infrastructure, including a definition of the critical business process supported by IT, list of systems and their functions, network and system diagrams.
- Backup office locations.
- For each actual disaster event considered in the IT DR plan,
- a description of the event;
- risk-impact analysis, discussing the probability of a particular disaster event versus its potential business impact;
- restoration requirements – this should be determined by upper-level management;
- and restoration procedures.
It is easy to get carried away in defining and describing all possible IT disaster scenarios; this is why good communication with management is important – in order to narrow down the scope of the DR planning to key events with highest business impact or highest probability.
4. What should the IT DR plan NOT include?
The DR plan for IT should not include portions that are covered by the main business disaster recovery plan, which covers all aspects of the business (including insurance, property and personnel management, etc.), not just the IT portion.
5. What parts of the plan should be tested?
It really depends on the budget you set aside for DR planning. Ideally, all parts of the plan – from complete loss of the office and emergency relocation, to virus infection, to loss of the phone system. Realistically, SMEs will not have the budget to test their entire DR plan, therefore key events must be pin-pointed and tested. For example, loss of a server, loss of critical files, loss of internet access, call tree simulation.
Disaster Recovery Planning for IT is an essential part of any business today. While it may seem overwhelming at first, proper preparation and planning can make all the difference in the event of an IT disaster. Remember to establish a clear policy statement, define your DR team, and include key contact information, an overview of your IT infrastructure, and restoration procedures in your plan. Regular testing and updating your plan as your business changes is also critical.
At Balanced+, we can help you develop and implement a DR plan that fits your unique needs and budget. Contact us today to learn more about our IT Disaster Recovery Planning services.