As discussed in Part 1, even a small business should prepare for the worst when it comes to its data. As a matter of precaution, disaster recovery (DR) planning must be integrated into its standard operating procedures. Consulting with an experienced IT expert is advisable because it can be complex and also require the involvement of several company staff members.
A DR plan for even a small business may be quite long and complicated. In any case, they are typically structured in a similar manner, including definitions, responsibilities, procedures, and maintenance tasks. Below is a template with a standard outline.
Introduction – Summarizes the objectives and breadth of the plan, which includes the IT locations and services, the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for the various services, and maintenance and testing. The plan should also have a revision history for tracking changes.
Roles and Responsibilities – Both internal and external participants involved in each DR process are listed, including their contact details and the description of responsibilities.
Incident Response – What will trigger a DR plan, and what are the steps for notifying management, employees, partners, and customers?
Procedures – Upon triggering the DR plan, what are the actions that stakeholders for each affected IT service should take? Every procedure should be set forth step-by-step in this section.
Appendices – Where other relevant lists, documents, and forms are organized and kept. The details regarding insurance policies, distribution and storage of DR resources, and alternate work locations should be included here.
As with any Disaster Recovery Plan, it will not serve its purpose if it gathers dust on a shelf. Adequate resources for training staff must be allocated, and they must be regularly refreshed regarding their roles and responsibilities in case the company experiences an IT outage.
As technology and the state of the company won’t be static, staying up to date will be critical as well. New IT services and systems will need to be accommodated by the DR plan. These updates must be communicated to those involved.
As a final point, it is of tremendous importance to test the DR plan in order to confirm the viability of the RPOs and RTOs and the effectiveness of procedures. It may seem adequate to test only stages. However, the entire plan must be tested occasionally. Only when this is done can the various processes be observed working as a whole, and sources of conflicts and neglected components can be spotted.
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:
For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at 410-295-9500.