To write an effective disaster recovery (DR) plan, you need to know what you need to protect, how much protection it needs, and the tools you have for protecting it. Before you write your plan, do some initial research to make sure you have these facts:

1. Hardware and software inventory

Document the hardware and software applications that your DR plan needs to protect. This should include details such as where the device is located, what model it is, what operating system it runs, and its CPU, RAM, and disk capacities. You should document LAN, WAN, and network equipment as well as servers, desktops, and storage devices. Create or update a network diagram showing how all devices are connected. For software, note the specific versions and where they are deployed, and determine the number of licenses you use. You may want to look up estimated replacement costs for all of these resources, as those can feed into deciding how to spend your disaster recovery budget.

2. Assess criticality

For each item in your inventory, determine whether it’s mission critical. Know how long the business can afford to have unplanned downtime of that resource and how much associated data it can afford to lose. These will help you determine your recovery time objective (RTO) and recovery point objective (RPO). Note that the RTO and RPO are not global numbers; you should have a specific RTO/RPO for each resource.

3. Evaluate risks

Systems are vulnerable to multiple kinds of risks, including weather/natural disasters, power and other outages caused by outside suppliers, and cybercrime. For each resource, determine which risks apply, how likely they are, and what the impact would be. This data will help you shape your DR plan to address the most likely and most critical vulnerabilities.

4. Identify contacts

No matter how automated your DR procedures are, there are numerous people who will need to be aware and participate in the recovery process. List those individuals and their contact information. This list should extend beyond data center, business management, and business operations staff to include other departments such as legal. Third party vendor and business partner contact details should also be documented. Where possible, identify multiple ways to communicate with the contacts in case one means of communication is down.

5. Know your backup process

Backups are a key part of every disaster recovery, but backup procedures are often created without the bigger picture of DR in mind. Take time to review and document your existing backup processes, how they’re monitored, and where the data is stored. You can then revise the existing process as needed to fit your DR strategy.

Prescient Solutions helps businesses assess their disaster recovery needs and implement effective disaster recovery solutions. Contact us to learn more about what you need to know to create your disaster recovery plan.