Disaster Recovery Planning – Do’s & Don’ts
No one would question the need for a Disaster Recovery Plan to help guide the restoration of an IT environment after suffering a crisis. However, an inappropriately documented Disaster Recovery Plan can prevent it from being executed successfully when it’s needed the most—in an actual disaster.
Most Disaster Recover Plans have been created to satisfy auditors or business leaders. This has led to lengthy, overly-detailed documentation that was not helpful to IT staff trying to execute a recovery in a high-pressure, time sensitive scenario.
Organizations continue to struggle with creating Disaster Recovery Plans and making them actionable. What makes your Disaster Recovery Plan an effective one that can actually serve your organization in the event of a disaster? Here are some Do’s and Don’ts to consider when creating your Disaster Recovery Plan.
Disaster Recovery Planning – Do’s
Disaster Recovery Plan documentation needs to be concise, easy to scan, and effective. Visual-based documentation meets these requirements and it is much more likely to result in a successful Disaster Recovery. After all, a picture is worth a thousand words!
Creating your Disaster Recovery Plan documentation by using a visual-based approach will improve its usability and effectiveness. Choose flowcharts over process guides, checklists over procedures and diagrams over descriptions.
- Flowcharts: Flowcharts provide an at-a-glance view which is ideal for disaster situations where the pressure is high and quick communication is vital. Flowcharts can be used to document process flows or give a high-level overview of more detailed procedures.
- Checklists: Checklists provide a quick list of steps to take for any part of a Disaster Recovery Plan (as well as a means of recording that the steps were taken, if desirable). Checklists are ideal in helping improve the speed and accuracy of performing Disaster Recovery Plan tasks. Use checklists when staff just needs a reminder of what to do, not how to do it.
- Diagrams: Use topology diagrams to capture your network layout, integrations and system information. Diagrams are useful in that they can help put context to flowcharts and checklists.
Disaster Recovery Planning – Don’ts
Only 38% of the businesses with a full or mostly completed Disaster Recovery Plan actually feel their plan would be effective in a crisis. Why is that? Some might say it’s because they’ve engaged in some of the following don’ts of Disaster Recovery Planning:
- Don’t make your Disaster Recovery Plan a traditional manual with detailed and lengthy descriptions and procedures. This is not an effective document in an actual disaster.
- Don’t underestimate the importance of having a Disaster Recovery Plan. While recognizing Disaster Recovery is important, businesses often place a low priority on creating a Disaster Recovery Plan and the day-to-day Standard Operating Procedures required to support a recovery.
- Don’t assume your Disaster Recovery Plan will be effective without updates. There is often a lack of effective processes for ensuring the Disaster Recovery Plan is updated on a regular basis. Disaster Recovery Plans should be reviewed, at minimum, on an annual basis.
- Don’t create your Disaster Recovery Plan just for the sake of having one. Creating the documentation for a Disaster Recovery Plan can take a large amount of time. Don’t waste effort on producing documentation that may satisfy auditors or business leaders, but will prove unusable during a real crisis.
So now you have your Disaster Recovery Plan. How do you maintain it?
In order to be effective, a Disaster Recovery Plan needs to be kept up-to-date and employees must be familiar with it. A Disaster Recovery Plan that is not updated or tested is as ineffective as if the company did not have a plan at all. An obsolete Disaster Recovery Plan may provide misleading information.
Here are 3 recommendations to effectively maintain your Disaster Recovery Plan:
- Hold Periodic Mock Drills
The Disaster Recovery Plan should be tested at regular intervals using scheduled mock drills. After each mock drill, an analysis should be undertaken to determine if the Disaster Recovery Plan documentation needs to be updated.
- Audit your Disaster Recovery Plan documentation on a scheduled basis
You should audit your Disaster Recovery Plan documentation regularly and frequently to reflect the current state of the components it covers. As mentioned before, the plan should be reviewed at least once a year, however, if any system/component in your organization undergoes a change, it should trigger a review of your Disaster Recovery Plan.
- Document the lessons learned in an actual disaster
The best testing that the Disaster Recovery Plan will undergo is when an actual disaster occurs. After the disaster, record the lessons learned and update your Disaster Recovery Plan documentation as needed.
Your Disaster Recovery Planning - Be Proactive with a DRaaS Program
Documenting and maintaining your Disaster Recovery Plan is a key process. Our team of experts have worked with many organizations to help them create documentation and management procedures to ensure their Disaster Recovery Plan is modern, streamlined and actionable. Contact us today to learn about our fully-managed disaster recovery as a service (DRaaS) program.