How does your DR plan really match up?

We face everything from floods and bushfires to storms with hailstones the size of golf balls – so most Australian businesses are aware of the need of a good disaster recovery plan. Of course, what constitutes a good plan is as individual as your business – so how do you know how yours measures up?

When was the plan created? When it is devised, a DR plan fits circumstances at a moment in time, but unless it is constantly updated, some weaknesses may have crept in.

What changes have you made to your environment? Ideally, every time new equipment is added, or for that matter removed, it should be assessed for impact on the DR plan. In reality, in the thrust of a project, some businesses overlook this.

Have your personnel changed? When a key team member moves on, you don’t just lose their knowledge. If they had a role in your DR plan, they could leave a gap that goes unseen until the next review. Including DR considerations in any exit process can help avoid risk.

How often is your DR plan tested? There is no perfect frequency, since all businesses are different, but as a rule of thumb, your DR plan should be comprehensively tested at least every six months.

What does your test involve? At the top of the list should of course be all mission critical systems, platforms, applications, data and networks. Assessing interdependencies is worthwhile, yet often overlooked.

What compliance standards must you adhere to? We work with a lot of organisations in different industry sectors, each with their own specific compliance needs. Many of those sectors face increasingly stringent rules about the design and testing of DR plans. To add to that, if you process payments with major finance companies, seek investment, or do business with governments, you are likely to be asked to prove your DR credentials.

Are you using DRaaS? While recent media reports about cloud options centred on the banking industry, the need to take care with provider choice is just as pressing for all types of organisation. Delving into your DRaaS provider’s arrangements should be part of any review. Reputable cloud partners should encourage you to be knowledgeable about their set-up. If you are not met with transparency, it may be time to look elsewhere.

Who audits your DR plan? Some organisations include external review as part of their DR requirements, which makes a lot of sense. Aside from the challenge of finding time to be as thorough as you’d like, it is sometimes much easier to identify opportunity for improvement when you have some distance from the everyday workings of the business environment. External reviews can also provide tremendous support when seeking funding.

​For more about building smart, cost-effective DR plans, or independent DR audits, contact the friendly Meridian IT experts.