Reviewing & Updating Your Disaster Recovery Plan

Are you prepared for a disaster? From outages to natural disasters like fires and floods, negative incidents happen to companies all over the world, every day. Without a business disaster recovery plan in place, it can be devastating.

That being said, your business doesn’t stay the same year after year, month after month, or even day to day. So, why should your business disaster recovery plan stay the same? A business disaster recovery plan is important, but it only works if it is up to date.

Black and white image - stormy, cloudy day at sea - business disaster recovery plan

Some companies pay almost £1000 per minute of unplanned outage, all the way up to almost £17,500! The total average costs for data center downtime ring in at well over £700,000.

You can prevent the hazards of an out-of-date business disaster recovery plan, including unexpected costs, damaged reputation and unhappy customers, by being aware of when and why you should adjust your plan. While it’s a good idea to have regular reviews built into your schedule, there are a few scenarios in which you’ll find it worthwhile to check in with your plan again.

Scenarios Calling for a Business Disaster Recovery Plan Audit

When you invest in new technology, be it hardware or software, your systems and processes change. Not only do you have data stored in additional or changed places, your business risk analysis is likely different.

Part of your disaster recovery plan should be understanding where your information is located, what systems need to be recovered in which order, and what can be replaced or restored off-site versus on-site.

Even if you are simply adjusting from an on-premise system to something on the cloud, or have migrated another piece of information or an application, you should ensure that your plan still works, or make the appropriate changes. Automation of processes calls for an audit too.

Similarly, if you have new staff on board, or a previous staff member leaves, you will want to review your plan, if only to update it with the correct information. If administrative permissions change, or a different person is named as an emergency contact, review the plan and ensure all is correct.

Finally, if you work in an industry that is subject to data recovery legislation, if that legislation itself changes, pay attention to how it may affect your plan, and perform a review accordingly.

Why Bother Updating Your Business Disaster Recovery Plan?

Updating your plan is as important as making one in the first place. Developing your disaster recovery plans can be a complex process, requiring that you complete many steps before it’s done. Regrettably, however, many organizations end their relationships with business continuity and disaster recovery here. They feel that once the program and plans are completed, their work is done.

Audits show what parts of the plan are incomplete, lack suitable procedures or documentation, are not tested or are simply outdated. Fixing these issues ensures that your organisation is better prepared to respond to unplanned incidents, helping to mitigate the impact of any disaster.

Some companies may feel like auditing or reviewing a business disaster recovery plan is just an exercise in ticking a box for the sake of saying you have done it. In fact, it can be the difference between your plan failing, or coming back from the brink of ruin.

Investing in a disaster recovery plan takes time and effort. It makes sense to protect that investment by returning to your completed plan. Ensure that it is as relevant as it was when you created it and that it will continue to work, despite elements of your business changing.

It may be appealing to sit back and assume that all is well, but when the inevitable disaster occurs, you will wish you had been ready.

How to Audit Your Business Disaster Recovery Plan

Knowing that you need to review and audit your business disaster recovery plan is important, but you also need to know how to do it.

It’s a good idea to start with understanding of why you are performing the audit. Is it a regular checkup type of audit, a specific departmental audit or a deep dive into the entire plan? All of these are appropriate at various points, though you should be planning a comprehensive review of your disaster recovery plan on a scheduled basis, no matter what.

Your audit may involve several steps, including interviewing staff; checking out your past plans and business records; comparing your procedures and policies with any applicable regulations; and seeing how outside vendors you use may impact your plan.

Undertaking a business disaster recovery plan can be time-consuming, so if you do not have the resources to expend, it may be wise to outsource your disaster planning and auditing to an experienced provider. If you partner with a disaster recovery specialist, you’ll be able to set up a plan that works from the start, with a focus on keeping systems and applications running reliably.

Your provider can help you set up an auditing and review schedule that works according to your needs, and can alert you to any situations that would call for an additional review.

However you choose to audit your business disaster recovery plan, the key is to make sure that you have something in place. And make sure that everyone involved in your business understands the importance of regularly maintaining the plan to ensure that it remains watertight.

The cost of trying to bounce back from a negative incident can drag your business down. Many businesses fail to recover from incidents like these unless they are prepared upfront.

Give yourself the best chances of success with a robust business disaster recovery plan, tailored to your company, its risks, and your needs. Click here to find out more about our disaster recovery services.

Posted in Disaster Recovery on Feb 21, 2018