Disaster Recovery Plan

BCP
Written By Rupert Gough

The principal purpose of the Disaster Recovery Plan (DRP) is to develop, test and document a well-structured and easily understood plan which will help MTG recover as quickly and effectively as possible from an unforeseen disaster or emergency which interrupts information systems and business operations.

The DRP explains policies and procedures for technology disaster recovery, as well as process-level plans for recovering critical technology platforms and the telecommunications infrastructure (if necessary). This document will summarise the recommended procedures. In the event of an actual emergency situation, modifications to this document may be made to ensure physical safety of people, systems, and data.

 

Objectives of the Disaster Recovery Plan include:

  • The need to ensure that all employees fully understand their duties in implementing such a plan;

  • The need to ensure that operational policies are adhered to within all planned activities;

  • The need to ensure that proposed contingency arrangements are cost-effective; and

  • Disaster recovery capabilities as applicable to key customers, suppliers and others.

 

In the event of a crisis speedy decisions are often needed without all the information normally relied on.  It is necessary for staff and management to be aware of what the business is really all about as unless all are clear about goals and priorities it is difficult to restore the business in the event of a crisis.

 

When considering the requirements for the DRP the following should be considered:

  • For IT-related matters consider where the data may be stored and backed up. Is the location of the backup appropriate in the event of an emergency;

  • If data needs to be reconstructed consider who may have access to the records both internally and externally (employees, clients, suppliers, IRD etc.). Ensure any reconstructed data is backed up;

  • How would the reconstructed data be stored;

  • Where is backup data stored and who has access? Would they know where to find and retrieve the information? Should the backed-up data be stored in the Cloud;

  • Include in any backup customer contact lists, process manuals and important contacts;

  • Also, consider what information is vital to the business, is not on computers or back-ups.

  • Loss or unavailability of essential services;

  • Loss or unavailability of key personnel.

Rupert Gough
Previous

IT Systems, Recovery, and Cyber
Next

Definitions: BCP Terminology