Cyber Security Expo
 
Managing Disasters: Forming, Preparing and Testing the Disaster Recovery Plan by Stephanie Hight on 20/07/06

Disaster Management is a wide-ranging subject that encompasses disaster prevention, disaster management and disaster management control [1]. Although this paper will only address the management of a disaster from the perspective of Information Technology, it is important to note the much wider perspective that an organization needs to take when beginning the ongoing project of Disaster Recovery. The purpose of Disaster Recovery is to respond to disastrous events [2] and to have a fully operational plan ready to be put into place. These disasters could come from natural causes and in some cases can be predictable seasonal events [3], but in most cases they are not. They could be defined as anything that causes a large disruption in services that Information Technology provides. Disasters are something that an organization cannot afford to not be prepared for. The City of Raleigh in North Carolina has been developing their Disaster Recovery Plan since 2001 and DJ Hess, CISSP and the City’s Information Security Administrator sees the role of IT as the lead in the Disaster Recovery Project. Hess states “The role is critical by default and need. Everyone will complain about IT but when the need arises, they are on the doorstep waiting for the restore to happen as quickly as possible. IT is the lead on the DR planning, implementation and testing along with the application owners.”

As firms grow more dependant on uninterrupted information system functioning, disaster recovery is receiving increasing attention, and a growing number of organizations are beginning to engage in Disaster Recovery Planning [4]. Preparing a Disaster Recovery Plan can be a daunting task for an Information Technology Department that has not had to think about recovering vital systems before. It is not an easy feat, but one that must be approached with great organization and with the mindset that Disaster Recovery Planning is not a linear task, but rather a cyclical one. It should be regarded as a dynamic process, one that is continually evolving and improving as the organization and environment changes. The plan should be ever changing and reflective of the current environment that exists. It is not something that once complete will sit on a shelf and never be updated or changed.

This document is in PDF format. To view it click here.

Rate this article

All images, content & text (unless other ownership applies) are © copyrighted 2000 -  , Infosecwriters.com. All rights reserved. Comments are property of the respective posters.