Disaster Recovery Plan Template
Business Continuity Planning
Sarbanes - Oxley, ISO 27000 (27001 & 27002)
PCI, & HIPAA Compliant
This Disaster Recovery Plan and Business Continuity Template can be used for any size of enterprise. The Disaster Recovery Planning template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant. The DRP Template comes as a Word document and includes:
- Disaster Recovery Plan and Business Continuity Template
- Business and IT Impact Analysis Questionnaire
- Work Plan
- Disaster Recovery / Business Continuity Audit Program
- Pandemic Planning Check List
New are:
- Compliance with the new ISO 27000 (27001 and 27002), Sarbanes-Oxley, PCI-DSS and HIPAA standards
- Web Site Disaster Recovery Planning Form
- Department Disaster Recovery Activation Workbook
- Quick Reference Guide
- Team Alert List (Form)
- Disaster Recovery Plan and Business Continuity Team Responsibilities
- Disaster Recovery Plan and Business Continuity Team Checklist
- Critical Functions Definition
- Normal Business Hour Response Procedures
- After Hours Response Procedures
- Disaster Recovery Plan and Business Continuity Location(s) Definition
- Disaster Recovery Plan and Business Continuity Recovery Procedures
- Notification Procedures
- Notification Call List (Form)
- Updated Business and IT Impact Analysis Questionnaire
- Vendor Disaster Recovery Questionnaire
- Vendor Phone List Form Updated
- Key Customer Notification Form
- Critical Resources to be Retrieved Form
- Business Continuity Off-Site Materials Form
- Chief Information Officer
- Chief Security Officer
- Chief Compliance Officer
- VP Strategy and Architecture
- Director Disaster Recovery and Business Continuity
- Director e-Commerce
- Manager Disaster Recovery
- Manager Disaster Recovery and Business Continuity
- Disaster Recovery Coordinator
- Disaster Recovery - Special Projects Supervisor
- Manager Database
- Capacity Planning Supervisor
- Manager Media Library Support
- Manager Site Management
- Pandemic Coordinator
The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement. The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:
- Plan Introduction
- Business Impact Analysis - including a sample impact matrix
- DRP Organization Responsibilities pre and post disaster - drp checklist
- Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.
- Recovery Strategy including approach, escalation plan process and decision points
- Disaster Recovery Procedures in a check list format
- Plan Administration Process
- Technical Appendix including definition of necessary phone numbers and contact points
- Job Descriptions (each 3 pages long) for:
- Disaster Recovery Manager
- Manager Disaster Recovery and Business Continuity
- Pandemic Coordinator
- Work Plan to modify and implement the template. Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)
There is a extensive section that show how a full test of the DRP can be conducted. It includes
- Disaster Recovery Manager Responsibilities
- Distribution of the Disaster Recovery Plan
- Maintenance of the Business Impact Analysis
- Training of the Disaster Recovery Team
- Testing of the Disaster Recovery Plan
- Evaluation of the Disaster Recovery Plan Tests
- Maintenance of the Disaster Recovery Plan
Click on the link below to get the Disaster Recovery Plan and Business Continuity sample pages now and make it a part of your disaster recovery toolkit.
This template is
not for resale or re-distribution
>
Disaster Planning - Business Continuity News
Cost of email downtime is high
In today's economy, the importance of e-mail takes on new meaning. Recovery time and recovery point objectives (RTOs and RPOs) are no longer general rules. The Exchange administrator's ability to meet or exceed the proverbial lines in the sand, in terms of time to recover and the age of the data recovered, can mean the difference between gainful employment and prepping for a job interview. In fact, average yearly cost of Exchange downtime for a 500-person corporation, according to data derived from the Contingency Planning Association and Strategic Research, is over $1.5 million.
Disaster Recovery Planning Template Business Continuity Plan
Sarbanes - Oxley - ISO 27000 (27001 & 27002) - HIPAA - PCI- Compliant
Disaster Recovery Planning (DRP) template can be used by any size enterprise. The template and supporting material have been updated to be Sarbanes-Oxley compliant. The Disaster Recovery Planning Documentation comes as a Word document and includes:
- Disaster Recovery Plan Template
- Business and IT Impact Analysis Questionnaire
- Work Plan
- Disaster Recovery & Business Continuity Audit Program
Included in the template is Business Impact Questionnaire as
well as a full Job Description for the Disaster Recovery Manager. The
premium edition contains 11 full job descriptions.
Communication during a recovery process often is not well planned
Effective crisis communication requires technology to provide a
unified solution for communicating information to all involved constituents and
should provide a single source of accurate and up-todate information that can be
accessed.
Disaster recovery
and emergency team members status communication and news have distinct
audiences with different needs when a crisis occurs.
Many Businesses Fail After a Disaster
Businesses'
reliance on IT systems and digital data has never been greater. The 2007 Best's
Underwriting Guide found that only 6% of companies that suffer catastrophic data
loss survive while 43% never reopen and 51% close within 2 years of the
disaster. Best's Underwriting Guide 2007 also found that 93% of the companies
that did not have their data backed up in the event of a disaster went out of
business. An analysis of SMBs' prioritization of disaster recovery, backup and
high availability for 2008 shows that businesses understand the risks to their
business and the value of protection. However, many organizations still think
that backup is a sufficient disaster recovery plan. However, mid-sized
enterprises are at the most risk to disaster and are more likely to rely
strictly on backup as a disaster recovery plan.
The needs and resources of mid-market
firms are unique. Midsized companies must work with limited finances
infrastructure and human resources. Robust disaster recovery used to be
affordable and manageable only by large enterprises. Mid-sized enterprises
relied more on backup than on a formal disaster recovery plan. As businesses'
reliance on IT has grown, backup has increasingly shown its weaknesses. However,
the introduction and maturation of several key technologies, such as
virtualization, have brought affordable and easily implementable Disaster
Recovery and Business Continuity to small and mid-sized companies. SMBs do
not always equate virtualization with Disaster Recovery and Business
Continuity because awareness of the many virtualization applications is
just starting to grow.
Continuous Data Protection can be used as a backup strategy for DRP amd BCP
Continuous Data Protection (CDP) is an increasingly popular disk-based backup strategy. It is replication with an Undo button. Every time a block of data changes on the system being backed up, it is transferred to the CDP system. However, unlike replication, CDP stores changes in a log, so you can undo those changes at a very granular level. In fact, you can recover the system to literally any point in time at which data was stored within the CDP system.
A near-CDP system works in similar fashion except that it has
discrete points in time to which it can recover. To put it another way, near-CDP
combines snapshots with replication. Typically, a snapshot is taken on the
system being backed up, whereupon that snapshot is replicated to another system
that holds the backup.
Why take the snapshot on the source before
replication? Because only at the source can you typically quiesce the
application writing to the storage so that the snapshot will be a meaningful
one.
Consolidation and Disaster Planning
Most organizations today are faced with conflicting goals and challenges. They have geographically distributed workforces, with headquarters, datacenters, branch offices, and mobile workers scattered widely. Everyone needs to access email, file shares, and mission critical applications, and the speed of access directly ties to employee productivity. So computing resources have been widely deployed in many locations to give the local workers the best possible service delivery. However, this approach is now seen as wasteful and expensive with extra hardware and software to buy and maintain for many locations, and often few local IT staff to support the systems. As budgets get tighter, organizations are looking for solutions to handle this burden. IT consolidation is the number one approach today, taking infrastructure out of remote offices and into the main data center as a way to cut costs and boost IT staff productivity. The trick is how to consolidate without hurting the performance for the end users.
While consolidation can certainly bring a number of benefits to
organizations, it will take more than just a Friday afternoon to
ensure that
your consolidation, disaster recovery, and business continuity projects are
truly successful. As far too many IT managers will tell you, a poorly planned
project will have your executives screaming, users threatening mutiny, and IT in
the hot seat to quickly undo all the effort that went into the project in the
first place.
- Lay out a change and risk management strategy
- Develop a plan for resiliency
- Test (and improve) branch office performance & local consolidation
- Architect a forward-looking infrastructure & support plan
- Plan a phased roll-out
Lack of disaster planning led to present crisis
Everyone came to the same conclusion: A lack of disaster planning was a key component to the extent of the damage and loss of life.
Seventeen charity and civil society organizations met at the Jeddah Chamber of Commerce and Industry (JCCI) to organize their efforts after a few days of spontaneous but much appreciated mobilized work to collect and distribute donations in the affected areas. This followed a warning issued by the Governorate cautioning individuals and groups against donating haphazardly and instead directed them to give their donations through registered charity organizations, which are supposed to coordinate their distribution work with the Jeddah Governorate to ensure that the donations reach those who need them.
Discussions quickly revealed a lack of coordination among the charities and with the relevant government offices, namely the Civil Defense and the governorate. While several charities focused on the hardest hit areas, which needed every parcel of assistance it could get, other areas that were also hit hard were almost neglected. It turns out that Al-Sawaed, which has become a ghost town with only ruins, and all the Kilo areas and Mahameed were in bad shape. Poor neighborhoods in downtown Jeddah such as Ghulail and Karantina were also stricken with residents living in knee-high stinking sewage with barely the essentials to live by. Other areas hit hard include Um Alsalam, Bahra, Jamaa, Al-Musaid.
- more infoDisaster Plan & Business Continuity Infrastructure
The key technology
elements of a Disaster Recovery Plan and Business Continuity Plan (DRP/BCP)
infrastructure are the primary data center, a remote site that duplicates the
resources in that primary location and the method used to get files (master and
transaction) between the two sites - such as high-bandwidth network
connections. The best DRP/BCP strategies follow a "redundant every-thing"
philosophy throughout the data center. Multiple mainframes and servers should
run in the production and backup data facilities. Then, if a component in the
production system encounters problems, it immediately fails over to the local
backup as a first line of defense.
Power supplies and communication links are one of the most critical components in a DRP/BCP strategy.
- more info









