2. All Rights Reserved, 2009, TechTarget
2
Revision History
REVISION DATE NAME DESCRIPTION
Original 1.0
All Rights Reserved, 2009, TechTarget
3
3. Table of Contents
Information Technology Statement of Intent
...................................................................... 5
Policy Statement
...............................................................................................
.................. 5
Objectives
...............................................................................................
............................ 5
Key Personnel Contact Info
...............................................................................................
. 6
Notification Calling Tree
...............................................................................................
. 7
External Contacts
...............................................................................................
................. 8
External Contacts Calling Tree
..................................................................................... 10
1 Plan Overview
...............................................................................................
............ 11
1.1 Plan
Updating.................................................................................
4. ................... 11
1.2 Plan Documentation
Storage............................................................................. 11
1.3 Backup Strategy
...............................................................................................
. 11
1.4 Risk Management
.............................................................................................
11
2 Emergency Response
...............................................................................................
. 12
2.1 Alert, escalation and plan invocation
................................................................ 12
2.1.1 Plan Triggering Events
................................................................................. 12
2.1.2 Assembly Points
............................................................................................
12
2.1.3 Activation of Emergency Response Team
.................................................... 12
2.2 Disaster Recovery Team
................................................................................... 13
2.3 Emergency Alert, Escalation and DRP Activation
........................................... 13
5. 2.3.1 Emergency Alert
...........................................................................................
13
2.3.2 DR Procedures for Management
................................................................... 14
2.3.3 Contact with Employees
............................................................................... 14
2.3.4 Backup
Staff.......................................................................................
........... 14
2.3.5 Recorded Messages / Updates
...................................................................... 14
2.3.7 Alternate Recovery Facilities / Hot Site
....................................................... 14
2.3.8 Personnel and Family Notification
............................................................... 14
3 Media
...............................................................................................
......................... 15
3.1 Media Contact
...............................................................................................
.... 15
3.2 Media
Strategies................................................................................
................ 15
3.3 Media Team
6. ...............................................................................................
....... 15
3.4 Rules for Dealing with Media
........................................................................... 15
4 Insurance
...............................................................................................
.................... 15
5 Financial and Legal Issues
........................................................................................ 16
5.1 Financial Assessment
........................................................................................ 16
5.2 Financial Requirements
.................................................................................... 16
5.3 Legal Actions
...............................................................................................
..... 16
6 DRP Exercising
...............................................................................................
.......... 16
Appendix A – Technology Disaster Recovery Plan
Templates........................................ 17
Disaster Recovery Plan for <System One>
.................................................................. 17
Disaster Recovery Plan for <System Two>
.................................................................. 19
7. Disaster Recovery Plan for Local Area Network
(LAN).............................................. 21
Disaster Recovery Plan for Wide Area Network (WAN)
............................................. 23
All Rights Reserved, 2009, TechTarget
4
Disaster Recovery Plan for Remote Connectivity
........................................................ 25
Disaster Recovery Plan for Voice Communications
.................................................... 27
Appendix B – Suggested Forms
....................................................................................... 29
Damage Assessment Form
............................................................................................
29
Management of DR Activities Form
............................................................................. 29
Disaster Recovery Event Recording Form
................................................................... 30
Disaster Recovery Activity Report Form
..................................................................... 30
Mobilizing the Disaster Recovery Team Form
8. ............................................................. 31
Mobilizing the Business Recovery Team
Form............................................................ 31
Monitoring Business Recovery Task Progress
Form.................................................... 32
Preparing the Business Recovery Report Form
............................................................ 32
Communications
Form.......................................................................................
........... 33
Returning Recovered Business Operations to Business Unit
Leadership .................... 33
Business Process/Function Recovery Completion Form
.............................................. 34
All Rights Reserved, 2009, TechTarget
5
Information Technology Statement of Intent
This document delineates our policies and procedures for
technology disaster recovery, as well as
our process-level plans for recovering critical technology
platforms and the telecommunications
9. infrastructure. This document summarizes our recommended
procedures. In the event of an
actual emergency situation, modifications to this document may
be made to ensure physical
safety of our people, our systems, and our data.
Our mission is to ensure information system uptime, data
integrity and availability, and business
continuity.
Policy Statement
Corporate management has approved the following policy
statement:
y shall develop a comprehensive IT disaster
recovery plan.
requirements for the
disaster recovery plan.
critical infrastructure
elements, systems and networks, in accordance with key
business activities.
10. simulated environment to
ensure that it can be implemented in emergency situations and
that the management
and staff understand how it is to be executed.
and their own respective
roles.
account changing
circumstances.
Objectives
The principal objective of the disaster recovery program is to
develop, test and document
a well-structured and easily understood plan which will help the
company recover as
quickly and effectively as possible from an unforeseen disaster
or emergency which
interrupts information systems and business operations.
Additional objectives include the
following:
• The need to ensure that all employees fully understand their
duties in implementing
11. such a plan
• The need to ensure that operational policies are adhered to
within all planned
activities
• The need to ensure that proposed contingency arrangements
are cost-effective
• The need to consider implications on other company sites
• Disaster recovery capabilities as applicable to key customers,
vendors and others
All Rights Reserved, 2009, TechTarget
6
Key Personnel Contact Info
Name, Title Contact Option Contact Number
Work
Alternate
Mobile
Home
Email Address
14. All Rights Reserved, 2009, TechTarget
7
Notification Calling Tree
Person
Identifying
Incident
15. All Rights Reserved, 2009, TechTarget
8
External Contacts
Name, Title Contact Option Contact Number
Landlord / Property Manager
Account Number None
Work
Mobile
Home
Email Address
Power Company
Account Number Work
Mobile
Home
Email Address
Telecom Carrier 1
16. Account Number Work
Mobile
Fax
Home
Email Address
Telecom Carrier 2
Account Number Work
Mobile
Home
Email Address
Hardware Supplier 1
Account Number Work
Mobile
Emergency Reporting
Email Address
Server Supplier 1
17. Account Number. Work
Mobile
Fax
Email Address
Workstation Supplier 1
Account Number Work
Mobile
Home
Email Address
Office Supplies 1
Account Number C3095783 Work
Mobile
Home
Email Address
All Rights Reserved, 2009, TechTarget
9
18. Name, Title Contact Option Contact Number
Insurance – Name
Account Number Work
Mobile
Home
Email Address
Site Security –
Account Number Work
Mobile
Home
Email Address
Off-Site Storage 1
Account Number Work
Mobile
Home
Email Address
19. Off-Site Storage 2
Account Number User ID
Password
Home
Email Address
HVAC –
Account Number Work
Mobile
Home
Email Address
Power Generator –
Account Number Work
Mobile
Home
Email Address
Other –
Account Number Work
22. 1 Plan Overview
1.1 Plan Updating
It is necessary for the DRP updating process to be properly
structured and controlled.
Whenever changes are made to the plan they are to be fully
tested and appropriate
amendments should be made to the training materials. This will
involve the use of
formalized change control procedures under the control of the
IT Director.
1.2 Plan Documentation Storage
Copies of this Plan, CD, and hard copies will be stored in
secure locations to be defined
by the company. Each member of senior management will be
issued a CD and hard copy
of this plan to be filed at home. Each member of the Disaster
Recovery Team and the
Business Recovery Team will be issued a CD and hard copy of
this plan. A master
protected copy will be stored on specific resources established
23. for this purpose.
1.3 Backup Strategy
Key business processes and the agreed backup strategy for each
are listed below. The
strategy chosen is for a fully mirrored recovery site at the
company’s offices in _____.
This strategy entails the maintenance of a fully mirrored
duplicate site which will enable
instantaneous switching between the live site (headquarters) and
the backup site.
KEY BUSINESS PROCESS BACKUP STRATEGY
IT Operations Fully mirrored recovery site
Tech Support - Hardware Fully mirrored recovery site
Tech Support - Software Fully mirrored recovery site
Facilities Management Fully mirrored recovery site
Email Fully mirrored recovery site
Purchasing Fully mirrored recovery site
Disaster Recovery Fully mirrored recovery site
24. Finance Fully mirrored recovery site
Contracts Admin Fully mirrored recovery site
Warehouse & Inventory Fully mirrored recovery site
Product Sales Fully mirrored recovery site
Maintenance Sales Fully mirrored recovery site
Human Resources Off-site data storage facility
Testing Fully Mirrored Recovery site - Fully mirrored recovery
site
Workshop Fully Mirrored Recovery site - Fully mirrored
recovery site
Call Center Fully mirrored recovery site
Web Site Fully mirrored recovery site
1.4 Risk Management
There are many potential disruptive threats which can occur at
any time and affect the
normal business process. We have considered a wide range of
potential threats and the
All Rights Reserved, 2009, TechTarget
25. 12
results of our deliberations are included in this section. Each
potential environmental
disaster or emergency situation has been examined. The focus
here is on the level of
business disruption which could arise from each type of
disaster.
Potential disasters have been assessed as follows:
Potential Disaster Probability Rating Impact Rating
Brief Description Of Potential
Consequences & Remedial
Actions
Flood 3 4 All critical equipment is located
on 1st Floor
Fire 3 4 FM200 suppression system
installed in main computer
centers. Fire and smoke
detectors on all floors.
Tornado 5
Electrical storms 5
Act of terrorism 5
26. Act of sabotage 5
Electrical power
failure
3 4 Redundant UPS array together
with auto standby generator
that is tested weekly & remotely
monitored 24/7. UPSs also
remotely monitored.
Loss of communications network
services
4 4 Two diversely routed T1 trunks
into building. WAN redundancy,
voice network resilience
Probability: 1=Very High, 5=Very Low Impact: 1=Total
destruction, 5=Minor annoyance
2 Emergency Response
2.1 Alert, escalation and plan invocation
2.1.1 Plan Triggering Events
Key trigger issues at headquarters that would lead to activation
of the DRP are:
• Total loss of all communications
• Total loss of power
• Flooding of the premises
27. • Loss of the building
2.1.2 Assembly Points
Where the premises need to be evacuated, the DRP invocation
plan identifies two
evacuation assembly points:
• Primary – Far end of main parking lot;
• Alternate – Parking lot of company across the street
2.1.3 Activation of Emergency Response Team
When an incident occurs the Emergency Response Team (ERT)
must be activated. The
ERT will then decide the extent to which the DRP must be
invoked. All employees must
be issued a Quick Reference card containing ERT contact
details to be used in the event
of a disaster. Responsibilities of the ERT are to:
All Rights Reserved, 2009, TechTarget
13
• Respond immediately to a potential disaster and call
emergency services;
• Assess the extent of the disaster and its impact on the
28. business, data center, etc.;
• Decide which elements of the DR Plan should be activated;
• Establish and manage disaster recovery team to maintain vital
services and return to
normal operation;
• Ensure employees are notified and allocate responsibilities
and activities as required.
2.2 Disaster Recovery Team
The team will be contacted and assembled by the ERT. The
team's responsibilities
include:
• Establish facilities for an emergency level of service within
2.0 business hours;
• Restore key services within 4.0 business hours of the incident;
• Recover to business as usual within 8.0 to 24.0 hours after the
incident;
• Coordinate activities with disaster recovery team, first
responders, etc.
• Report to the emergency response team.
2.3 Emergency Alert, Escalation and DRP Activation
This policy and procedure has been established to ensure that in
the event of a disaster or
crisis, personnel will have a clear understanding of who should
29. be contacted. Procedures
have been addressed to ensure that communications can be
quickly established while
activating disaster recovery.
The DR plan will rely principally on key members of
management and staff who will
provide the technical and management skills necessary to
achieve a smooth technology
and business recovery. Suppliers of critical goods and services
will continue to support
recovery of business operations as the company returns to
normal operating mode.
2.3.1 Emergency Alert
The person discovering the incident calls a member of the
Emergency Response Team in
the order listed:
Emergency Response Team
• _________
• _________
• _________
30. If not available try:
• _________
• _________
All Rights Reserved, 2009, TechTarget
14
The Emergency Response Team (ERT) is responsible for
activating the DRP for disasters
identified in this plan, as well as in the event of any other
occurrence that affects the
company’s capability to perform normally.
One of the tasks during the early stages of the emergency is to
notify the Disaster
Recovery Team (DRT) that an emergency has occurred. The
notification will request
DRT members to assemble at the site of the problem and will
involve sufficient
information to have this request effectively communicated. The
31. Business Recovery Team
(BRT) will consist of senior representatives from the main
business departments. The
BRT Leader will be a senior member of the company's
management team, and will be
responsible for taking overall charge of the process and
ensuring that the company
returns to normal working operations as early as possible.
2.3.2 DR Procedures for Management
Members of the management team will keep a hard copy of the
names and contact
numbers of each employee in their departments. In addition,
management team members
will have a hard copy of the company’s disaster recovery and
business continuity plans
on file in their homes in the event that the headquarters building
is inaccessible, unusable,
or destroyed.
2.3.3 Contact with Employees
Managers will serve as the focal points for their departments,
while designated
employees will call other employees to discuss the
crisis/disaster and the company’s
32. immediate plans. Employees who cannot reach staff on their
call list are advised to call
the staff member’s emergency contact to relay information on
the disaster.
2.3.4 Backup Staff
If a manager or staff member designated to contact other staff
members is unavailable or
incapacitated, the designated backup staff member will perform
notification duties.
2.3.5 Recorded Messages / Updates
For the latest information on the disaster and the organization’s
response, staff members
can call a toll-free hotline listed in the DRP wallet card.
Included in messages will be
data on the nature of the disaster, assembly sites, and updates
on work resumption.
2.3.7 Alternate Recovery Facilities / Hot Site
If necessary, the hot site at SunGard will be activated and
notification will be given via
recorded messages or through communications with managers.
Hot site staffing will
consist of members of the disaster recovery team only for the
first 24 hours, with other
33. staff members joining at the hot site as necessary.
2.3.8 Personnel and Family Notification
If the incident has resulted in a situation which would cause
concern to an employee’s
immediate family such as hospitalization of injured persons, it
will be necessary to notify
their immediate family members quickly.
All Rights Reserved, 2009, TechTarget
15
3 Media
3.1 Media Contact
Assigned staff will coordinate with the media, working
according to guidelines that have
been previously approved and issued for dealing with post-
disaster communications.
3.2 Media Strategies
1. Avoiding adverse publicity
2. Take advantage of opportunities for useful publicity
3. Have answers to the following basic questions:
34. 3.3 Media Team
• ____________________________________________
• ____________________________________________
• ____________________________________________
3.4 Rules for Dealing with Media
Only the media team is permitted direct contact with the media;
anyone else contacted
should refer callers or in-person media representatives to the
media team.
4 Insurance
As part of the company’s disaster recovery and business
continuity strategies a number of
insurance policies have been put in place. These include errors
and omissions, directors
& officers liability, general liability, and business interruption
insurance.
If insurance-related assistance is required following an
35. emergency out of normal
business hours, please contact:
____________________________________________
Policy Name
Coverage
Type
Coverage
Period
Amount Of
Coverage
Person
Responsible
For Coverage
Next Renewal
Date
All Rights Reserved, 2009, TechTarget
16
36. 5 Financial and Legal Issues
5.1 Financial Assessment
The emergency response team shall prepare an initial
assessment of the impact of the
incident on the financial affairs of the company. The assessment
should include:
5.2 Financial Requirements
The immediate financial needs of the company must be
addressed. These can include:
etc.
services required post-
37. disaster
5.3 Legal Actions
The company legal department and ERT will jointly review the
aftermath of the incident
and decide whether there may be legal actions resulting from
the event; in particular, the
possibility of claims by or against the company for regulatory
violations, etc.
6 DRP Exercising
Disaster recovery plan exercises are an essential part of the plan
development process. In
a DRP exercise no one passes or fails; everyone who
participates learns from exercises –
what needs to be improved, and how the improvements can be
implemented. Plan
exercising ensures that emergency teams are familiar with their
assignments and, more
importantly, are confident in their capabilities.
Successful DR plans launch into action smoothly and effectively
when they are needed.
38. This will only happen if everyone with a role to play in the plan
has rehearsed the role
one or more times. The plan should also be validated by
simulating the circumstances
within which it has to work and seeing what happens.
All Rights Reserved, 2009, TechTarget
17
Appendix A – Technology Disaster Recovery Plan Templates
Disaster Recovery Plan for <System One>
SYSTEM
OVERVIEW
PRODUCTION SERVER Location:
Server Model:
Operating System:
CPUs:
39. Memory:
Total Disk:
System Handle:
System Serial #:
DNS Entry:
IP Address:
Other:
HOT SITE SERVER Provide details
APPLICATIONS
(Use bold for Hot Site)
ASSOCIATED SERVERS
KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
40. Offsite Storage Provide details
BACKUP STRATEGY FOR
SYSTEM ONE
Daily Provide details
Monthly Provide details
Quarterly Provide details
SYSTEM ONE
DISASTER RECOVERY
PROCEDURE
Scenario 1
Total Loss of Data
Provide details
Scenario 2
41. Total Loss of HW
Provide details
All Rights Reserved, 2009, TechTarget
18
ADDENDUM
CONTACTS
File Systems <date>
File System as of
<date>
Minimal file systems to
be created and restored
42. from backup:
<List>
Filesystem kbytes Used Avail %used
Mounted on
<Provide details>
Other critical files to
modify
<Provide details>
Necessary directories to
create
<Provide details>
Critical files to restore <Provide details>
Secondary files to
restore
<Provide details>
Other files to restore <Provide details>
43. All Rights Reserved, 2009, TechTarget
19
Disaster Recovery Plan for <System Two>
SYSTEM
OVERVIEW
PRODUCTION SERVER Location:
Server Model:
Operating System:
CPUs:
Memory:
Total Disk:
System Handle:
System Serial #:
DNS Entry:
IP Address:
44. Other:
HOT SITE SERVER Provide details
APPLICATIONS
(Use bold for Hot Site)
ASSOCIATED SERVERS
KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
Offsite Storage Provide details
BACKUP STRATEGY for
SYSTEM TWO
Daily Provide details
Monthly Provide details
45. Quarterly Provide details
SYSTEM TWO
DISASTER RECOVERY
PROCEDURE
Scenario 1
Total Loss of Data
Provide details
Scenario 2
Total Loss of HW
Provide details
All Rights Reserved, 2009, TechTarget
20
46. ADDENDUM
CONTACTS
File Systems <date>
File System as of
<date>
Minimal file systems to
be created and restored
from backup:
<List>
Filesystem kbytes Used Avail %used
Mounted on
<Provide details>
47. Other critical files to
modify
<Provide details>
Necessary directories to
create
<Provide details>
Critical files to restore <Provide details>
Secondary files to
restore
<Provide details>
Other files to restore <Provide details>
All Rights Reserved, 2009, TechTarget
21
Disaster Recovery Plan for Local Area Network (LAN)
48. SYSTEM
OVERVIEW
SERVER Location:
Server Model:
Operating System:
CPUs:
Memory:
Total Disk:
System Handle:
System Serial #:
DNS Entry:
IP Address:
Other:
HOT SITE SERVER Provide details
APPLICATIONS
(Use bold for Hot Site)
ASSOCIATED SERVERS
49. KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
Offsite Storage Provide details
BACKUP STRATEGY for
SYSTEM TWO
Daily Provide details
Monthly Provide details
Quarterly Provide details
SYSTEM TWO
DISASTER RECOVERY
PROCEDURE
50. Scenario 1
Total Loss of Data
Provide details
Scenario 2
Total Loss of HW
Provide details
All Rights Reserved, 2009, TechTarget
22
ADDENDUM
CONTACTS
51. File Systems <date>
File System as of
<date>
Minimal file systems to
be created and restored
from backup:
<List>
Filesystem kbytes Used Avail %used
Mounted on
<Provide details>
Other critical files to
modify
<Provide details>
Necessary directories to
create
52. <Provide details>
Critical files to restore <Provide details>
Secondary files to
restore
<Provide details>
Other files to restore <Provide details>
All Rights Reserved, 2009, TechTarget
23
Disaster Recovery Plan for Wide Area Network (WAN)
SYSTEM
OVERVIEW
EQUIPMENT Location:
Device Type:
Model No.:
53. Technical Specifications:
Network Interfaces:
Power Requirements;
System Serial #:
DNS Entry:
IP Address:
Other:
HOT SITE EQUIPMENT Provide details
SPECIAL APPLICATIONS
ASSOCIATED DEVICES
KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
Offsite Storage Provide details
Network Services Provide details
54. BACKUP STRATEGY for
SYSTEM TWO
Daily Provide details
Monthly Provide details
Quarterly Provide details
SYSTEM TWO
DISASTER RECOVERY
PROCEDURE
Scenario 1
Total Loss of Network
Provide details
Scenario 2
Total Loss of HW
55. Provide details
All Rights Reserved, 2009, TechTarget
24
ADDENDUM
CONTACTS
Support Systems <date>
Support system
<Provide details>
Critical network assets <Provide details>
Critical interfaces <Provide details>
Critical files to restore <Provide details>
56. Critical network
services to restore
<Provide details>
Other services <Provide details>
All Rights Reserved, 2009, TechTarget
25
Disaster Recovery Plan for Remote Connectivity
SYSTEM
OVERVIEW
EQUIPMENT Location:
Device Type:
Model No.:
Technical Specifications:
Network Interfaces:
57. Power Requirements;
System Serial #:
DNS Entry:
IP Address:
Other:
HOT SITE EQUIPMENT Provide details
SPECIAL APPLICATIONS
ASSOCIATED DEVICES
KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
Offsite Storage Provide details
Network Services Provide details
BACKUP STRATEGY for
58. SYSTEM TWO
Daily Provide details
Monthly Provide details
Quarterly Provide details
SYSTEM TWO
DISASTER RECOVERY
PROCEDURE
Scenario 1
Total Loss of Network
Provide details
Scenario 2
Total Loss of HW
Provide details
59. All Rights Reserved, 2009, TechTarget
26
ADDENDUM
CONTACTS
Support Systems <date>
Support system
<Provide details>
Critical network assets <Provide details>
Critical interfaces <Provide details>
Critical files to restore <Provide details>
Critical network
60. services to restore
<Provide details>
Other services <Provide details>
All Rights Reserved, 2009, TechTarget
27
Disaster Recovery Plan for Voice Communications
SYSTEM
OVERVIEW
EQUIPMENT Location:
Device Type:
Model No.:
Technical Specifications:
Network Interfaces:
Power Requirements;
System Serial #:
61. DNS Entry:
IP Address:
Other:
HOT SITE EQUIPMENT Provide details
SPECIAL APPLICATIONS
ASSOCIATED DEVICES
KEY CONTACTS
Hardware Vendor Provide details
System Owners Provide details
Database Owner Provide details
Application Owners Provide details
Software Vendors Provide details
Offsite Storage Provide details
Network Services Provide details
BACKUP STRATEGY for
SYSTEM TWO
62. Daily Provide details
Monthly Provide details
Quarterly Provide details
SYSTEM TWO
DISASTER RECOVERY
PROCEDURE
Scenario 1
Total Loss of Switch
Provide details
Scenario 2
Total Loss of Network
Provide details
63. All Rights Reserved, 2009, TechTarget
28
ADDENDUM
CONTACTS
Support Systems <date>
Support system
<Provide details>
Critical network assets <Provide details>
Critical interfaces <Provide details>
Critical files to restore <Provide details>
Critical network
services to restore
<Provide details>
64. Other services <Provide details>
All Rights Reserved, 2009, TechTarget
29
Appendix B – Suggested Forms
Damage Assessment Form
Key Business
Process Affected
Description Of Problem Extent Of Damage
_____________
Management of DR Activities Form
65. • During the disaster recovery process all activities will be
determined using a standard
structure;
• Where practical, this plan will need to be updated on a regular
basis throughout the
disaster recovery period;
• All actions that occur during this phase will need to be
recorded.
Activity Name:
Reference Number:
Brief Description:
Commencement
Date/Time
Completion
Date/Time
Resources Involved In Charge
66. __________________
All Rights Reserved, 2009, TechTarget
30
Disaster Recovery Event Recording Form
• All key events that occur during the disaster recovery phase
must be recorded.
• An event log shall be maintained by the disaster recovery team
leader.
• This event log should be started at the commencement of the
emergency and a copy
of the log passed on to the business recovery team once the
initial dangers have been
controlled.
• The following event log should be completed by the disaster
recovery team leader to
record all key events during disaster recovery, until such time
as responsibility is
67. handed over to the business recovery team.
Description of Disaster:
Commencement Date:
Date/Time DR Team Mobilized:
Activities Undertaken by DR
Team
Date and
Time
Outcome
Follow-On Action
Required
Disaster Recovery Team's Work Completed: <Date>
Event Log Passed to Business Recovery Team: <Date>
_________________
68. Disaster Recovery Activity Report Form
• On completion of the initial disaster recovery response the
DRT leader should prepare
a report on the activities undertaken.
• The report should contain information on the emergency, who
was notified and when,
action taken by members of the DRT together with outcomes
arising from those
actions.
• The report will also contain an assessment of the impact to
normal business
operations.
• The report should be given to business recovery team leader,
with a copy to senior
management, as appropriate.
• A disaster recovery report will be prepared by the DRT leader
on completion of the
initial disaster recovery response.
• In addition to the business recovery team leader, the report
will be distributed to
senior management
All Rights Reserved, 2009, TechTarget
69. 31
The report will include:
• A description of the emergency or incident
• Those people notified of the emergency (including dates)
• Action taken by members of the DRT
• Outcomes arising from actions taken
• An assessment of the impact to normal business operations
• Assessment of the effectiveness of the BCP and lessons
learned
• Lessons learned
__________
Mobilizing the Disaster Recovery Team Form
• Following an emergency requiring recovery of technology
infrastructure assets, the
disaster recovery team should be notified of the situation and
placed on standby.
• The format shown below can be used for recording the
activation of the DR team
once the work of the damage assessment and emergency
response teams has been
completed.
Description of Emergency:
Date Occurred:
70. Date Work of Disaster Recovery Team Completed:
Name of Team
Member
Contact
Details
Contacted On
(Time / Date)
By Whom Response
Start Date
Required
Relevant Comments (e.g., Specific Instructions Issued)
___________
Mobilizing the Business Recovery Team Form
recovery team, the
business recovery team should be notified of the situation and
placed on standby.
71. activation of the business
recovery team once the work of the disaster recovery team has
been completed.
Description of Emergency:
Date Occurred:
Date Work of Business Recovery Team Completed:
Name of Team
Member
Contact
Details
Contacted On
(Time / Date)
By Whom Response
Start Date
Required
All Rights Reserved, 2009, TechTarget
32
72. Relevant Comments (e.g., Specific Instructions Issued)
____________
Monitoring Business Recovery Task Progress Form
• The progress of technology and business recovery tasks must
be closely monitored
during this period of time.
• Since difficulties experienced by one group could significantly
affect other dependent
tasks it is important to ensure that each task is adequately
resourced and that the
efforts required to restore normal business operations have not
been underestimated.
Note: A priority sequence must be identified although, where
possible, activities will be carried out
simultaneously.
Recovery Tasks
(Order of Priority)
73. Person(s) Responsible
Completion Date Milestones
Identified
Other Relevant
Information Estimated Actual
1.
2.
3.
4.
5.
6.
7.
___________
Preparing the Business Recovery Report Form
should prepare a report
on the activities undertaken and completed.
74. event, who was notified and
when, action taken by members of the BRT together with
outcomes arising from
those actions.
normal business
operations.
appropriate.
The contents of the report shall include:
rmal business operations
All Rights Reserved, 2009, TechTarget
33
75. business continuity plan
Communications Form
uring the disaster recovery and business
recovery activities that
all affected persons and organizations are kept properly
informed.
timely.
urn to normal
working operations
should be announced with care.
with media queries.
Groups of Persons or
Organizations Affected
by Disruption
Persons Selected To Coordinate Communications
to Affected Persons / Organizations
Name Position Contact Details
76. Customers
Management & Staff
Suppliers
Media
Stakeholders
Others
____________
Returning Recovered Business Operations to Business Unit
Leadership
necessary to return the
responsibility for specific operations to the appropriate business
unit leader.
parties understand the
change in overall responsibility, and the transition to business-
as-usual.
responsibility may have been
assigned to the business recovery process lead.
siness unit management will be fully
77. involved throughout the
recovery, but in order for the recovery process to be fully
effective, overall
responsibility during the recovery period should probably be
with a business recovery
process team.
____________
All Rights Reserved, 2009, TechTarget
34
Business Process/Function Recovery Completion Form
The following transition form should be completed and signed
by the business recovery
team leader and the responsible business unit leader, for each
process recovered.
A separate form should be used for each recovered business
process.
78. Name Of Business Process
Completion Date of Work Provided by Business Recovery Team
Date of Transition Back to Business Unit Management
(If different than completion date)
I confirm that the work of the business recovery team has been
completed in accordance with the
disaster recovery plan for the above process, and that normal
business operations have been
effectively restored.
Business Recovery Team Leader Name:
________________________________________
Signature:
_____________________________________________________
___________
Date: __________________________
(Any relevant comments by the BRT leader in connection with
the return of this business process
should be made here.)
I confirm that above business process is now acceptable for
normal working conditions.
80. Department. The protracted power outages,
widespread damage, and lost business wrought by the
hurricane—estimated to cost between
$30 and $50 billion, according to IHS Global Insight—taught
many companies unfortunate
lessons about the importance of disaster recovery planning.
David Sarabacha, a principal with Deloitte & Touche LLP who
specializes in resilience and
recovery planning, says Hurricane Sandy reminded business
leaders that thoughtful disaster
preparation can pay dividends for a company’s ability to
weather a storm. He identified 10
lessons from the recent hurricane that can help businesses better
prepare for the next crisis.
Lesson 1: Take care of your employees. When disaster strikes,
employees will rightfully put the
safety of their families and homes first. “It’s impossible for
employees to think about work when
they don’t have heat or electricity, water is rising in their
basements, their homes have been
destroyed, or they need to account for loved ones,” says
Sarabacha. “To the extent a company
can either help employees prepare for a disaster or get back on
their feet after one, the sooner it
can return to business as usual.”
Sarabacha advises organizations to do more for employees than
simply provide them with
suggestions for personal preparedness and home safety. For
example, he urges companies to
offer alternate communications capabilities to decision-makers.
He also recommends providing
basic necessities such as water, food, shelter, and daycare to
affected families, since private
81. companies may be able to mobilize faster than relief
organizations. And he counsels companies
to help employees find or get priority service from contractors
who can repair or rebuild their
homes.
CIO Insights and Analysis from Deloitte
CONTENT FROM OUR SPONSOR
Please note: The Wall Street Journal News Department was not
involved in the creation of the content below.
Disaster Recovery: 10 Lessons from
Hurricane Sandy
http://energy.gov/articles/hurricane-sandy-noreaster-situation-
reports
http://www.ihs.com/products/Global-Insight/industry-economic-
report.aspx?ID=1065972961
6/15/2019 Disaster Recovery: 10 Lessons from Hurricane Sandy
- CIO Journal - WSJ
https://deloitte.wsj.com/cio/2012/11/29/disaster-recovery-
planning-10-lessons-learned-from-hurricane-sandy/ 2/6
While acknowledging that these “above-and-beyond” efforts can
grow costly, Sarabacha also
argues that the added investment may be justified if business
activities are truly time sensitive
and hinge on critical personnel.
Lesson 2: Crisis management, business continuity, and disaster
recovery plans should be
82. detailed. Sarabacha notes that many businesses’ disaster
recovery plans are fairly high level.
“Executives assume they’ll figure out the details when an event
takes place,” he says. “But if
business leaders don’t have sufficient lines of communication
available to share information,
make decisions, and disseminate instructions, their ability to
implement their plans will be
impaired.”
Sarabacha says disaster recovery plans should establish clear
chains of decision-making and
empower employees in the field to take action. They shouldn’t
have to wait for direction from a
senior leader, whose communications may be out of
commission.
“The sooner a company can take decisive actions in the event of
a disaster, the faster they may
be able to recover,” he says.
Lesson 3: Plan for different impacts, both in magnitude and
duration. One mistake
businesses make when drafting disaster recovery plans is
assuming an event will only affect their
organizations for 24 to 48 hours.
“Sandy brought to light the need for short-, medium-, and
longer-term business continuity plans,”
says Sarabacha. “Companies will likely need different disaster
recovery strategies for events of
different durations.”
For example, a two-day power outage may not require renting
back-up office space, but a two-
week power outage may. An investment bank may need to
83. transfer work to another office so that
it can process trades during a two-day or week-long outage, but
transferring work for longer
periods could result in burn-out for the employees taking on
additional responsibilities, notes
Sarabacha.
Lesson 4: Businesses can’t rely on employees’ ability to work
from home. Many
companies’ business continuity plans direct employees to
telecommute if they can’t get into the
office, according to Sarabacha. But, as Sandy illustrated, that
approach quickly falls apart if
employees lack power and can’t access the corporate network
from their homes.
One potential solution for large companies is to transfer work to
individuals at offices that haven’t
been affected. To implement this strategy effectively, says
Sarabacha, companies need to know
which individuals possess the skills to take on various
activities. Because their human resources
will be constrained and overwhelmed, they’ll also have to
prioritize what work gets done.
6/15/2019 Disaster Recovery: 10 Lessons from Hurricane Sandy
- CIO Journal - WSJ
https://deloitte.wsj.com/cio/2012/11/29/disaster-recovery-
planning-10-lessons-learned-from-hurricane-sandy/ 3/6
“For example, if a company can only serve 50 percent of its
customers because it lacks capacity
in its call centers, the company needs to decide how it will
84. prioritize service,” says Sarabacha.
“Companies should seek to avoid a situation in which they are
devoting their scarce resources to
their least critical activities.”
Another possible solution is to set up alternate work sites
through real estate or insurance
companies that rent “just in time office space” on an hourly,
daily, or weekly basis. Companies
need to plan how they’ll get critical employees to these sites,
which may be located in
neighboring states, in the event air traffic or mass transit
systems are compromised, notes
Sarabacha. They will also need to board employees and their
families in hotels while employees
are working out of state, and they’ll have to cover, track, and
reimburse employees for incidentals
required while working off-site.
Lesson 5: Employ alternate forms of communication. During
Hurricane Sandy, the Federal
Communications Commission reported that 25 percent of cell
phone towers lost power, rendering
many mobile phones useless. Sarabacha advises companies to
use other communication
mechanisms, including satellite phones. “Be sure you can get a
sufficient uninterruptable power
supply (UPS) battery, diesel or other fueled generator to keep
the satellite phones charged,” he
says.
Lesson 6: Two alternate data center recovery sites are ideal.
After 9/11, many companies in
the Northeast moved their back-up data centers to sites closer to
home, in New Jersey, according
to Sarabacha. They switched from distant backup data centers to
85. closer ones because the
terrorist attacks shut down air travel, and companies wanted to
make sure their back-up locations
were within a commutable distance, he adds.
Because Sandy took out companies’ primary data centers in
New York and their back-up data
centers in New Jersey, the hurricane demonstrated the need to
ideally have two fallbacks, one
nearby and one far away. Sarabacha notes that not every
company can afford multiple data
centers, and some companies may have to accept that it could
take several days or a week to
recover their data centers.
Lesson 7: The cloud isn’t a panacea. Cloud-based applications
and storage have mitigated
some of the impact of disasters on companies. Because those
applications and data can still be
stored in the provider’s data center, the applications may still
be available to clients provided they
have power, and the data is at least theoretically recoverable or
protected.
“Too many organizations don’t fully understand what their
cloud providers offer in terms of
disaster recovery,” says Sarabacha. “They assume cloud data is
available. They need to know for
sure they can get their data and their apps, not to mention when
they can access them.”
http://www.fcc.gov/document/chairman-and-pshsb-chief-
statement-communications-network
6/15/2019 Disaster Recovery: 10 Lessons from Hurricane Sandy
86. - CIO Journal - WSJ
https://deloitte.wsj.com/cio/2012/11/29/disaster-recovery-
planning-10-lessons-learned-from-hurricane-sandy/ 4/6
Lesson 8: Understand your vendors’ disaster recovery plans.
The Thursday after Sandy,
Sarabacha spoke with a client based in southern California
whose business was scrambling to
re-route products from its mid-Atlantic distribution center after
a logistics provider in the region
was shut down by the storm.
Sarabacha says his client’s conundrum illustrates the
importance of having insight into vendor
and service providers’ business continuity plans. His client
needed to know when and how the
logistics provider would restore service, given the pent-up
demand the storm created.
“Even if an event like a hurricane has a limited impact on your
organization, you need to realize
how it might affect your third parties and their plans for a
response given your reliance on them,”
he says.
Lesson 9: Test your plan. Sarabacha says few companies
extensively test their business
continuity and disaster recovery plans. They might test one data
center, but not another. They
might test data recovery, but not their ability to actively restore
dependent applications or to
synchronize disparate systems.
“I rarely see an integrated test that reflects what many
organizations were dealing with a few
87. weeks ago,” he says. “Realistic exercises and war games must
be developed and executed to
simulate both the anticipated and unknown circumstances an
organization may face.”
Lesson 10: Don’t make the same mistakes again. When
companies recover insurance money
for facilities lost or damaged by a natural disaster, they often
repair or rebuild those facilities
without applying lessons learned. Consequently, says
Sarabacha, those companies could find
themselves in the same position following the next storm.
In the aftermath of a disaster, Sarabacha advises clients to make
strategic and tactical
modifications to their operations and assets (e.g., buildings,
equipment, inventory, technology,
human resources, and vendors). For example, if a company kept
one kind of product in each
warehouse before a disaster, it might decide to diversify its
product mix across warehouses.
Making strategic and tactical changes might also mean
eliminating single points of failure,
upgrading equipment, hardening facilities, and using multiple
vendors for different services.
Companies that lack core competencies in crisis and disaster
risk management may consider
outsourcing or co-sourcing arrangements with third parties that
can help them plan, prepare, and
respond.
“Often it takes a swift reminder, whether an extreme weather
event such as Sandy or a
significantly lingering economic crisis, to demonstrate that
disaster preparations will continue to
88. be a good investment in protecting an organization’s personnel,
assets, and stock price.”
6/15/2019 Disaster Recovery: 10 Lessons from Hurricane Sandy
- CIO Journal - WSJ
https://deloitte.wsj.com/cio/2012/11/29/disaster-recovery-
planning-10-lessons-learned-from-hurricane-sandy/ 5/6
November 29, 2012, 12:01 am
Questions? Write to deloitteeditor
Follow us on Twitter @Deloitte
This publication contains general information only and Deloitte
is not, by means of this publication, rendering accounting,
business, financial, investment, legal, tax, or other professional
advice or services. This publication is not a substitute for such
professional advice or services, nor should it be used as a basis
for any decision or action that may affect your business. Before
making any decision or taking any action that may affect your
business, you should consult a qualified professional advisor.
Deloitte shall not be responsible for any loss sustained by any
person who relies on this publication. About Deloitte: Deloitte
refers
to one or more of Deloitte Touche Tohmatsu Limited, a UK
private company limited by guarantee ("DTTL"), its network of
member
firms, and their related entities. DTTL and each of its member
firms are legally separate and independent entities. DTTL (also
referred to as "Deloitte Global") does not provide services to
clients. In the United States, Deloitte refers to one or more of
the US
90. services this year, resulting in more cognitive-enabled
implementations, greater AI investments,
and increased rewards.
How Third-Party Data Can Enhance Analytics
A growing number of companies are seeking an analytical edge
by employing outside data
sources. Incorporating third-party information effectively,
however, can be tricky. To boost the
value of their companies’ analytics efforts, business leaders
may want to adopt some key
practices to navigate the complexity.
TMT CIOs: Business, IT Out of Sync on Cyber, Talent
An analysis from Deloitte’s Center for Technology, Media, and
Telecommunications (TMT) finds that many TMT
CIOs are looking to reshape their workforces by hiring talent
with problem-solving abilities, social aptitude, and
other soft skills. Survey results also indicate a need for more
collaboration related to cybersecurity and risk among
mailto:[email protected]
http://twitter.com/Deloitte
http://www.deloitte.com/us/about
https://deloitte.wsj.com/cio/2016/11/09/draas-offers-recovery-
assurances-via-cloud/?mod=Deloitte_cio_relatedInsights
https://deloitte.wsj.com/cio/2016/11/09/draas-offers-recovery-
assurances-via-cloud/?mod=Deloitte_cio_relatedInsights
https://deloitte.wsj.com/cio/2013/04/01/how-to-create-it-
resilience/?mod=Deloitte_cio_relatedInsights
https://deloitte.wsj.com/cio/2019/06/02/cloud-accelerates-ai-
adoption/?mod=Deloitte_cio_editorschoice
https://deloitte.wsj.com/cio/2019/06/02/cloud-accelerates-ai-
adoption/?mod=Deloitte_cio_editorschoice
https://deloitte.wsj.com/cio/2019/05/23/how-third-party-data-
can-enhance-analytics/?mod=Deloitte_cio_editorschoice