Part 3 of 4 - 4 Tips to move your Disaster Recovery Plan away from being "shelf-ware"
A Disaster Recovery plan, in a-lot of instances, once developed becomes "shelf-ware" and is either no longer referenced or updated to reflect the current state of play with your systems.
There are several things that your business can do to prevent and prepare for an IT disaster but having a robust Disaster Recovery Plan (DRP) is arguably the most important.
A DRP is a documented process or set of procedures. It outlines the steps an organisation should take before, during and after an IT systems disaster, to recover information technology data, assets, and facilities in a timely manner and with minimal disruption to business operations.
A robust DRP is an integral part of protecting an organisation’s IT infrastructure. Doing so enables them to ensure services are available at a level that allows them to meet their objectives and obligations.
All too often, DRPs are developed once, put on the shelf, and never looked at again — well, not until you’re in crises anyway. Much like living on a property near bushland and not having a clear fire evacuation plan. Once the fire is at your doorstep, it’s too late. You save what you can, hope for the best, and ultimately are left dealing with the devastating aftermath.
To avoid being in this vulnerable position, here are 4 tips to ensure your DRP is relevant and effective:
Allocate responsibility — The management of your disaster recovery processes and procedures should be funnelled through a single point/person/department who will coordinate the development of the DRP, and implement it, when needed.
Communication and training — The DRP should also be communicated to other key staff members, ensuring it’s understood, easily found and able to be actioned. All relevant stakeholders should also receive regular training on how to implement the DRP in a variety of situations.
Testing — Test your DRP’s effectiveness in real life by conducting practice drills/scenarios. Ensure you follow up these drills with a “lessons learned” session (or similar) to capture what worked, and what didn’t, and update your DRP to reflect these opportunities for improvement.
Periodic Updates — Update your plan regularly to ensure it reflects the IT systems you currently use, the providers or third-party vendors you engage, and the policies you adhere to. Also, make sure you apply tips 1–3 as part of this process by ensuring the right person is allocated responsibility, your DRP is tested, and everyone is updated on any relevant updates.
Remember — Prior Planning Prevents Poor Performance!
If you don’t have a DRP or just want to know more, don’t hesitate to contact us.
At Cyber Cerberus, we can work with you to develop a robust Disaster Recovery Plan and increase your cyber maturity. Visit www.cybercerberus.com or email email@example.com for more information.