Disaster Recovery Plan Template

Business Continuity Planning

Sarbanes - Oxley, ISO 27000 (27001 & 27002)
PCI, & HIPAA Compliant

This Disaster Recovery Plan and Business Continuity Template can be used for any size of enterprise. The Disaster Recovery Planning template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant.  The DRP Template comes as a Word document and includes:

• Disaster Recovery Plan and Business Continuity Template
• Business and IT Impact Analysis Questionnaire
• Work Plan
• Disaster Recovery / Business Continuity Audit Program
• Pandemic Planning Check List
• Media Communication plan with a definition of best practices

Features include

• Compliance with the new ISO 27000 (27001, 27002 and 27031), Sarbanes-Oxley, PCI-DSS and HIPAA standards
• Web Site Disaster Recovery Planning Form
• Department Disaster Recovery Activation Workbook
  • Quick Reference Guide
  • Team Alert List (Form)
  • Disaster Recovery Plan and Business Continuity  Team Responsibilities
  • Disaster Recovery Plan and Business Continuity  Team Checklist
  • Critical Functions Definition
  • Normal Business Hour Response Procedures
  • After Hours Response Procedures
  • Disaster Recovery Plan and Business Continuity Location(s) Definition
  • Disaster Recovery Plan and Business Continuity Recovery Procedures
  • Notification Procedures
  • Notification Call List (Form)
• Updated Business and IT Impact Analysis Questionnaire
• Vendor Disaster Recovery Questionnaire
• Vendor Phone List Form Updated
• Key Customer Notification Form
• Critical Resources to be Retrieved Form
• Business Continuity Off-Site Materials Form

Disaster Recovery Business Continuity Template comes in several versions

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

• Plan Introduction
• Business Impact Analysis - including a sample impact matrix
• DRP Organization Responsibilities pre and post disaster - drp checklist
• Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.
• Recovery Strategy including approach, escalation plan process and decision points
• Disaster Recovery Procedures in a check list format
• Plan Administration Process
• Technical Appendix including definition of necessary phone numbers and contact points
• Job Descriptions (each 3 pages long) for:
  • Disaster Recovery Manager
  • Manager Disaster Recovery and Business Continuity
  • Pandemic Coordinator
• Work Plan to modify and implement the template.  Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)

There is a extensive section that show how a full test of the DRP can be conducted.  It includes

• Disaster Recovery Manager Responsibilities
• Distribution of the Disaster Recovery Plan
• Maintenance of the Business Impact Analysis
• Training of the Disaster Recovery Team
• Testing of the Disaster Recovery Plan
• Evaluation of the Disaster Recovery Plan Tests
• Maintenance of the Disaster Recovery Plan

Click on the link below to get the Disaster Recovery Plan and Business Continuity sample pages now and make it a part of your disaster recovery toolkit.

This template is not for resale or re-distribution

 

---

 

 

 

 

Disaster Planning - Business Continuity News

Learn more about Computer Liquidators.

---

Cloud Distaster Planning Articles

May 9th, 2013

Cloud Distaster Planning Articles

• 10 steps to cloud disaster recovery planning  Many companies now are including cloud disaster recovery process in their business continuity plans.   Janco has found that disaster plans that include the cloud if...
• 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud  10 Backup best practices -  supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...
• Cloud storage aids disaster recovery and business continuity  Cloud Storage is a next step to implement after the disaster recovery plan is created Cloud storage is a next step after the CIO creates a...
• Cloud as part of disaster planning  Cloud as part of disaster planning VARs and service providers are seeing that providing physical media to end users upon first backup and on an...
• 10 best practices for cloud disaster recovery  Cloud Disaster Recovery 10 Best Practices Creating out a complete cloud disaster recovery infrastructure can be cost prohibitive for many organizations.  Ten best practices are:...

- more info

---

5 Tips for DR and BC Managers

May 2nd, 2013

Tips for DR and BC Managers:

1. How to Evaluate your Disaster Recovery Plan  Evaluating your disaster recovery plan To ensure the protection of your critical data, applications, and the continuous availability of your network, you must look at...
2. 10 Commandments of Disaster Recovery and Business Continuity  10 commandments of disaster recovery and business continuity planning As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help...
3. Options for a data center disaster recovery strategy  Data Center disaster recovery strategy – options A critical component of a disaster recovery business continuity is the data center disaster recovery strategy — Hot...
4. 10 Characteristics of a Good Business Continuity / Disaster Plan  10 Characteristics of a Good Business Continuity / Disaster Plan Most organizations have a Business Continuity / Disaster Recovery plan – but how can you recognize...
5. Should Disaster Recovery Plans Depend on SSD Storage  Can Disaster Recovery Plans depend on SSD storage Disaster Recovery depends on stable storage of data and modern storage technology (SSDs, No-SQL databases, commoditized RAID...

 

- more info

---

Reviews of natural disaster perils that occurred worldwide

April 11th, 2013

The report reveals that late-season winter weather affected much of Europe throughout the month, bringing an extended period of heavy snowfall, sub-freezing temperatures, high winds, ice and flooding. Among the hardest-hit areas were France, Germany and Ukraine, where snow accumulations topped 50cm.

Early total economic loss estimates stood at EUR1.4 billion (USD1.8 billion), including EUR706 million (USD914 million) for France alone. More than 100,000 insurance claims were filed in France, with auto claims surpassing EUR101 million (USD131 million).

Heavy snowfall also engulfed northern sections of Japan between the end of February and early March, with recorded snow depths up to 5.5m seen in Hokkaido and northern Honshu. This resulted in local governments spending more than JPY1.36 billion (USD14.2 million) in clean-up costs.

Multiple winter storms also affected central and eastern sections of the United States, as an early March weather system brought heavy snow and coastal flooding along the Eastern Seaboard. Another system at the end of the month brought nearly 50cm of snow from the Rockies to the East Coast. Total combined economic losses from both systems were cited as less than USD100 million.

A strong derecho event (defined as a long-lived, intense squall line) left widespread hail and wind damage throughout the US Southeast. Mississippi was amongst the hardest-hit states, where at least 18 counties sustained damage. The state insurance department estimated that as many as 50,000 claims would be filed. Total economic losses throughout the region exceeded USD250 million, while insurance losses reached approximately USD150 million.

Preliminary data from the US Storm Prediction Center indicate that only 17 tornadoes touched down during the month, representing the fewest number of March tornadoes in the US since 1978, when 17 tornado touchdowns were also recorded.

- more info

---

10 commnadments of disaster recovery and business continuity planning

March 29th, 2013

As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help them plan, design, and implement disaster recovery strategies that can meet those needs.

• Analyze single points of failure: A single point of failure in a critical component can disrupt well engineered redundancies and resilience in the rest of a system.
• Keep updated notification trees: A cohesive communication process is required to ensure the disaster recovery business continuity plan will work.
• Be aware of current events: Understand what is happening around the enterprise - know if there is a chance for a weather, sporting or political event that can impact the enterprise's operations.
• Plan for worst-case scenarios: Downtime can have many causes, including operator error, component failure, software failure, and planned downtime as well as building- or city-level disasters. Organizations should be sure that their disaster recovery plans account for even worst-case scenarios.
• Clearly document recovery processes: Documentation is critical to the success of a disaster recovery program. Organizations should write and maintain clear, concise, detailed steps for failover so that secondary staff members can manage a failover should primary staff members be unavailable.
• Centralize information - Have a printed copy available: In a crisis situation, a timely response can be critical. Centralizing disaster recovery information in one place, such as a Microsoft Office SharePoint® system or portal, helps avoid the need to hunt for documentation, which can compound a crisis.
• Create test plans and scripts: Test plans and scripts should be created and followed step-by-step to help ensure accurate testing. These plans and scripts should include integration testing—silo testing alone does not accurately reflect multiple applications going down simultaneously.
• Retest regularly: Organizations should take advantages of opportunities for disaster recovery testing such as new releases, code changes, or upgrades. At a minimum, each application should be retested every year.
• Perform comprehensive recovery and business continuity test: Organizations should practice their master recovery plans, not just application failover. For example, staff members need to know where to report if a disaster occurs, critical conference bridges should be set up in advance, a command center should be identified, and secondary staff resources should be assigned in case the event stretches over multiple days. In environments with many applications, IT staff should be aware of which applications should be recovered first and in what order. The plan should not assume that there will be enough resources to bring everything back up at the same time.
• Defined metrics and create score cards scores: Organizations should maintain scorecards on the disaster recovery compliance of each application, as well as who is testing and when. Maintaining scorecards generally helps increase audit scores.

 

- more info

---

Disaster Recovery Planning a critical mandate

March 12th, 2013

Business continuity and disaster recovery (BC/DR) planning is a critical mandate for all companies and especially for small and midsized businesses, where the cost pf downtime and/or lost data can be devastating.  It does not take a cataclysmic event to cause major disruption the untimely loss of a critical server or file for even a few hours can be extremely costly in today's highly competitive 24x7 business climate.

 

If you have implemented virtualization - cloud computing, you already know how this powerful technology can save you money on IT costs via server consolidation. But are you aware that the benefits of virtualization extend beyond IT cost savings, and that virtualization can also keep your business running through many types of planned and unplanned IT outages?

Many regulations require companies to support more stringent availability standards. Several new acts and regulations, directed at specific industries or a broad cross-section of companies, mandate the protection of business data and system availability. Businesses may incur financial or legal penalties for failing to comply with these data or business availability requirements.

- more info

---

Disaster Recovery Concerns

February 24th, 2013

Unplanned IT and telecom outages is the leading cause of concern with 70% of respondents of a Business Continuity Institute (BCI) study are extremely concerned or concerned, followed by data breach (66%) and cyber attack (65%).

 

The top 10 threats rated by level of concern in the survey are:

1. Unplanned IT and telecom outages – 70% extremely concerned or concerned
2. Data breach – 66% extremely concerned or concerned
3. Cyber attack – 65% extremely concerned or concerned
4. Interruption to utility supply – 50% extremely concerned or concerned
5. Security incident 47% extremely concerned or concerned
6. Adverse weather – 53% extremely concerned or concerned
7. Supply Chain Disruption – 39% extremely concerned or concerned
8. Fire – 37% extremely concerned or concerned
9. Health & Safety incident – 37% extremely concerned or concerned
10. Act of Terrorism -  33% extremely concerned or concerned

Related posts:

1. 5 skills that Disaster Recovery Business Continuity Pros Need to Have  Disaster Recovery Business Continuity skills Recent disasters, like Sandy, have showed that business continuity professionals can offer a great amount of assistance to their companies...
2. Life cycle for business continuity and security breaches are the same  When a security breach or business interruption occur, the life cycle from the start to the end are the same.  First and foremost you must...
3. 10 Disaster Recovery Lessons Learned 10 lessons learned in Sandy’s aftermath on disaster recovery and business continuity The impacts of Hurricane Sandy have crystallized many executives’ minds on the importance...
4. 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud  10 Backup best practices -  supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...
5. 10 point checklist for disaster recovery 10 point checklist for disaster recovery HR, Legal and Media Communications Disaster Recovery 10 Point Checklist A list of 10 questions to rank how comprehensive...

- more info

---

Setting up a remote disaster recovery site

February 15th, 2013

During the  disaster recovery planning process a CIO needs to establish a remote disaster recovery site, but are faced a challenge all too familiar to many enterprises: How to replicate large amounts of data across the country and still meet Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs)?

For example if the goal of full data recovery within 3 hours, with an RPO of 24 hours. CIOsoften are not coming close to meeting those objectives as replication process mat not able to complete across the WAN. A company simply may not be able to move that much data over long distances in a reasonable amount of time without very expensive and time consuming manual intervention.

 

More specifically, given the limited physical space in their data centers and the high volume of traffic that needed to be moved between data centers, the company may require a very high capacity virtual WAN optimization solution.

- more info