What is RTO and RPO and why should I care? Part Two

Citrix Announces Free XenServer Enterprise, Citrix Essentials, and Project Encore

A Business Continuity/Disaster Recovery Plan establishes procedures to recover the business applications and functions following a declared disaster. The document is used to plan disaster recovery activities, perform recovery exercises, and to recover in the event of a declared disaster. The plan usually includes the following objectives:

  • Maximize the effectiveness of operations through an established plan that consists of the following phases: a notification/activation phase to detect and assess damage and to activate the plan, and arecovery phase to restore temporary IT operations and recover damage done to the original system.
  • Identify the activities, resources, and procedures needed to carry out the processing requirements during a declared disaster.
  • Assign responsibilities to designated personnel and provide guidance for recovering the application during a declared disaster.
  • Ensure coordination with other business staff who will participate in the planning strategies. Ensure coordination with external points of contact and vendors who will participate in the contingency planning strategies.

This plan needs to have as much information about the critical systems as possible so they can be effectively recovered as quickly as possible. A suggested format of data might be something similar to the table below:

Production LocationProduction Server NameSystem or Application NameDescription & How Use
Main Data CenterDomainController1Active DirectoryLogin and access control
Secondary DCDomainController2Active DirectoryReplica of DC
Main Data CenterPrintServer1PrintingControls printing of forms
Main Data CenterSQLDBServer1MS SQL 2008 R2DB server for Accounting
Main Data CenterAPPServer1XYZ ApplicationMain Accounting package
Application LayerDisaster Recovery TypeRTORPO
Active DirectoryRapid Recovery1 Hour1 Hour
DatabaseHot4 Hours2 Hours
XYZ ApplicationHot6 Hours2 Hours

You will notice that it is estimated that it will take longer to restore the application than the database and this is due to the dependency of the application on the database to be able to function. When you perform the exercise of listing your systems and their functions, you will find different dependencies that may not have been documented or remembered until this exercise is completed.

Once these items are documented, we suggest you maintain duplicate copies (paper as well as digital) at the potential disaster recovery sites as well as the main data site so they are available if additional assistance is needed from outside personnel. This can be used as a blueprint/run book/project plan to ensure that the critical business functions are recovered in the proper order as quickly as possible.

Remember: In a disaster, there will be a lot of pressure to have systems operational quickly as well as the other distractions and confusion. Having these things documented ahead of time will save precious time and resources as well as it helps to get the most reliable and accurate recovery to business function.

Here’s an example of a BC/DR Outline is included below:

Table of Contents

1 Purpose
2 Critical Application Functionality and Assumptions
3 Application RTO / RPO
4 Recovery Contacts and Important Phone Numbers
5 Critical Vendors and Partners
6 Critical Required Skills
7 Recovery Requirements
8 Vital Records Required
9 Hardware Required
10 Storage Required
11 Application Software Required
12 Critical Dependencies
13 Supported Critical Business Processes
14 Critical Infrastructure and Service Predecessors
15 Recovery Procedures & Timelines
16 Technical Validation Procedure(s)
17 Application Recovery Procedure(s)
18 Application Test Plan(s)
19 Return to Normal Operations

Do you have questions about developing a Disaster Recovery Plan? Contact the IT infrastructure experts.

About Jeff Hauser

Solutions-oriented IT Specialist with notable success directing a broad range of corporate IT initiatives while participating in planning and implementation of information security solutions in direct support of business objectives.

Leave a Reply

Innovative Integration can help you optimize your IT infrastructure. Request a Consultation