The Stages of Disaster Recovery Planning – The Plan
So you know what might happen, you know what needs to be done if it does, and you know what you’re missing. Now it’s time to get the ducks lined up and in true Hannibal Smith style have the plan come together.
When analysing costs and controls you then have the tough decision of what to mitigate against, what to try prevent and what to leave in the lap of the Gods. You may want to set loss figures against the do nothing approach and use that to set expectations.
Sample Spreadsheet showing a cost analysis (numbers are made up obviously) allowing you to make an informed decision on what to go with.
In the sample above the logical choices would be the UPS and Fire suppression however bear in mind that some choices may not be yours to choose, for example if you were SOX relevant you would be forced to adopt more of the above just to comply.
With your teams in place from the first meeting you should set about assigning tasks to the various members getting them to:
- Document Processes necessary
- Identify final costs and get pricing
- Identify the responsible person for each area
- Identify a testing plan
- Set a time-line for the plan to be implemented and tested
- Sign off on the battle box contents and agree a review timeline to review contents and keep current.
I’ll dedicate tomorrows posting to all the IT elements as that’s what we do best but without the previous items and all the other areas of the business being involved you could have the IT systems surviving a disaster but with no company there to use them.