The creation and testing of a disaster recovery plan is one of the key elements of business continuity management. Traditionally business continuity and disaster recovery (DR) planning have always been separated between the business and the IT department.
It has long been recognised that this ‘divide’ creates more problems than it solves, after all most businesses could not continue to operate successfully if their IT services were unavailable for a period of time. Depending on the nature of your business this may well range from a few hours to several days.
Talking from experience as the UK’s Leading Online Backup & Disaster Recovery Provider a disaster recovery plan should interface with the overall business continuity management plan, be clear and concise, focus on the key activities required to recover the critical IT services, be tested reviewed and updated on a regular basis, have an owner, whilst enabling the recovery objectives to be met.
Recovery Time Objectives (RTO) do differ for organisations but there are common aims that apply to all. The two key elements which many organisations adhere to are how long can the business continue to function without the critical IT services and how quickly can all systems be recovered from the time DR is invoked.
With the economic climate as it is today it’s no surprise to hear that IT departments are often asked to do more with less. Although this can result in DR testing falling by the wayside a recent survey actually shows that DR testing is on the up as organisations understand the importance of data to operations. It was shown that 35% of organisations worldwide with a DR plan do not test it more than once a year and although that number is actually a 12% improvement from 2008, it is still poor.
A lack of IT staff time was the top reason given for not testing more, with 48% pointing to that. Disruption to employees, budget restraints, and disruption to customers were all mentioned by at least 40% of respondents.
The report also indicates that 59% of respondents said they test disaster recovery plans regularly but 28% test once a year or less. Most of the blame for not testing went to lack of a DR site, inadequate staffing and money. The introduction of Virtualised DR environments should eliminate the restriction of DR testing. Please visit the following link to find out more about Virtual Disaster Recovery and how full system restores can be attained without disruption to live environments.
Statistics aside it is best practice to conduct DR testing to ensure business continuity whilst identifying deficiencies that need to be addressed. DR plan testing also helps evaluate the ability of the IT staff to implement the plan quickly and effectively. Each IT contingency plan element should be tested to confirm the accuracy of individual recovery procedures and the overall effectiveness of the plan.
The following areas to be covered in a DR test should include:
Full System Recovery from the backup media to an alternate platform
Coordination among recovery teams
Internal and external connectivity
System performance using alternate equipment
Restoration of normal operations
Notification procedures
Experts advise to test DR plans at all costs despite the hardships. Independent backup consultants suggest that companies do a large scale disaster recovery test once a year, with smaller, alternating tests throughout the rest of the year. While experts acknowledge that testing isn’t easy and does involve resource, refusing to test is putting an entire organisation at risk.
So if you haven’t scheduled a full Disaster Recovery test book one today to ensure your organisation can resume operations should disaster strike.