1. How to Create a Disaster Recovery Plan Learn the basics of creating a plan that will have you prepared to recover your data and keep the business running after an IT-disabling disaster. by Glen Kunene, Senior Editor DevX January 15, 2002
7. Example Template Risk Rating Power Outage Probability: Impact: Hardware Failure Probability: Impact: Disk Failure Probability: Impact: Malware/Malicious Software Probability: Impact: High Human Error Probability: High Impact: Natural Disaster Probability: Low Impact: High Malicious Social Engineering Probability: Impact: High
12. Business Operations It is imperative that IT presents all of these threats to the business operations units, so they can make an informed decision regarding the size of the disaster recovery budget (i.e., which risks the company can afford to tolerate and which it must pay to mitigate ).
13.
14. A good place to begin Present the cost of downtime to the business. How long can your business afford to be without its computer systems, should one of your threats occur? Ultimately, the business operations unit decides which threats the business can tolerate. According to Emerson, when developing a DRP, IT departments are "shooting in the dark without those business indications. "
15.
16. need to be recovered most quickly in a disaster. The management of our small Internet company, for example, may decide they can supply the budget only for the emergency generators and the company will have to assume the risk of an earthquake.
17. Budgets Vary Disaster recovery budgets vary from company to company, but typically run between 2 and 8 percent of the overall IT budget. Companies for which system availability is crucial usually are on the higher end of the scale, while companies that can function without it are on the lower end. However, these percentages may be too small. For a large IT shop 15 percent is a best practice rule of thumb according to Emerson.
20. Detailed Plan or "Script." The recovery procedure should be written in a detailed plan or "script." Establish a Recovery Team from among the IT staff and assign specific recovery duties to each member .