Question

A disaster recovery plan (DRP) is a documented process or set of procedures to execute an organization's disaster recovery processes and recover and protect a business IT infrastructure in the event of a disaster. It is "a comprehensive statement of consistent actions to be taken before, during and after a disaster". Describe a Disaster Recovery Plan (DRP) for Information Technology of a Saudi Business Concern

Answer 1

A Disaster Recovery Plan (DRP) is a business process that describes how work can be resumed quickly and effectively after a disaster. Disaster recovery planning is just a part of business continuity planning and applied to the aspects of an organization that rely on IT functions. It is a quick and informative solution used as a proactive backup for IT Infrastructure.

The creation of a DRP begins with a DRP proposal for upper-level management support. An Information Technology DRP is developed through the combination of a business continuity plan. The strategies covered under technology recovery process are developed to restore hardware and application solutions with the business data recovery process. However, in companies, employees use electronic mail and Voice over Internet Protocol (VOIP) telephone systems to communicate. Also, Electronic Data Interchange (EDI) is used for transmitting data which include orders and payments information generated from one company to another.

Foremost Objectives of DRP

The objective of a Disaster Recovery Plan (DRP) is used to minimize the downtime and data loss. The primary objective is to protect the organization in all events where all of its operations and computer services are rendered unfeasible. The plan minimizes the disruption of operations and ensures the level of organizational stability & order to recover after disaster immediately. The two major concepts that measure minimizing downtime and data loss are Recovery Time Objective (RTO) and the Recovery Point Objective (RPO).

The RTO is based on time component of the business process. Business must be restored after a major incident has occurred in order to avoid unacceptable failure. The process is associated with a break of time continuity under business process. And the RPO is the age of files which is recovered from backup storage for normal operations to resume if a computer, system, or network goes down. The process is thus the maximum acceptable amount of data loss measured in time.

The standard form of Disaster Recovery Plans   

The Disaster Recovery Plan (DRP) is distributed in three basic strategies where features are covered in all these plans:

1. Preventive Measures
2. Detective Measures, and
3. Corrective Measures.

The Preventive Measures is featured process which prevents its functionality before disaster take place. This process measures risk factors and reduces risks. The Detective Measures is the process used for identifying the presence of any unwanted events within the IT infrastructure. Its main aim is to uncover new potential threats and detect or uncover unwanted events. And Corrective Measures includes protecting critical documents used under DRP or securing proper insurance policies.

Devising Techniques with Expertise

Geoffrey H. Wold, a well-known author describes disaster recovery in his journal in a significant manner. He describes the complete process through distinctive techniques. These techniques are derived from a various combination of information and procedure used in a recovery system.

Obtaining Top Management Commitment

A successful DRP is the foremost responsibility for the plan lay on top management. Organization management ensures its functionality within the organization and also consider as its recovery plan. The process is also responsible for allocating adequate time and resources required for the development of an effective plan. Also, management used these considerations with both financial and personal involvement.

Enforcing Planning Committee

A planning committee is basically appointed to manage development and implementation of the recovery plan. It includes representatives from all functional areas of the organization. The key committee members customarily include the operation’s manager and the data processing manager.

Performing a Risk Valuation

The risk assessment process evaluates the safety of critical documents and vital records. Usually, the fire is the greatest threat to an organization. It is an important aspect to assess the impacts and consequences resulting from loss of information and services. The organization analyzes the costs related to minimize the potential exposures.

Enlarging Priorities for Processing and Operations

In organizations, each department is concerned with critical stages. Enlarging priorities is an important factor because no organization possesses infinite resources and criteria for safety. It must be set to allocate resources first for safe recovery. Some of the areas often review during the prioritization process through functional operations, key personnel, and their functions along with existing documentation, historical records, and the departmental policies and procedures.

Assertive Recovery Strategies

During this stage, DRP is a most practical way for processing information about disaster generated through research and evaluation. All aspects of the organization strategies includes, physical facilities, computer hardware and software, communications links, data files and any other processing operations.

Gathering Business Database Information

In this phase, a collection of data is an important aspect of the whole process which is carried out through a recovery system. Data gathering materials and documentation often includes various lists, inventories, and documentation. After Data gathering process, organizing its functionality is a better data recovery plan.

Reaching Out to the Goals

The DRP gets approved by the organization’s management when a plan is in the form of written and tested. Management is responsible for enhancing the policies, procedures, and responsibilities of planning, reviewing and documenting such reviews in writing.

However, Disaster Recovery Plan (DRP) is safe, quick and easy accessible solutions for all IT Infrastructure and Business solutions which protect enterprise’s data, employees and business with an effective medium of solution globally.