Disaster Recovery Plan Template
Business Continuity Plan
ISO 27000 - Sarbanes-Oxley - HIPAA - PCI-DSS Compliant

This Disaster Recovery Plan (DRP) can be used as a Disaster Planning template for any enterprise. The Disaster Recovery template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant.  The Disaster Planning Template comes as a Word document and includes:

• Disaster Recovery Plan and Business Continuity Template

• Business and IT Impact Analysis Questionnaire

• Work Plan

• Disaster Planning Audit program

New are:

• Compliance with ISO 27000, Sarbanes-Oxley, PCI, and HIPAA standards

• Web Site Disaster Recovery Planning Form

• Department Disaster Recovery Activation Workbook

  • Quick Reference Guide

  • Team Alert List (Form)

  • DRP Team Responsibilities

  • DRP Team Checklist

  • Critical Function(s) Definition

  • Normal Business Hour Response Procedures

  • After Hours Response Procedures

  • DRP Location(s) Definition

  • DRP Recovery Procedures

  • Notification Procedures

  • Notification Call List (Form)

• Updated Business and IT Impact Analysis Questionnaire

• Vendor Disaster Recovery Questionnaire

• Vendor Phone List Form Updated

• Key Customer Notification Form

• Critical Resources to be Retrieved Form

• Business Continuity Off-Site Materials Form

The premium edition contains 14 full job descriptions. They are:

• Chief Information Officer

• Chief Security Officer

• Chief Compliance Officer

• VP Strategy and Architecture

• Director Disaster Recovery and Business Continuity

• Director e-Commerce

• Manager Disaster Recovery

• Manager Disaster Recovery and Business Continuity

• Disaster Recovery Coordinator

• Disaster Recovery - Special Projects Supervisor

• Manager Database

• Capacity Planning Supervisor

• Manager Media Library Support

• Manager Site Management

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

• Plan Introduction

• Business Impact Analysis - including a sample impact matrix

• DRP Organization Responsibilities pre and post disaster - drp checklist

• Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.

• Recovery Strategy including approach, escalation plan process and decision points

• Disaster Recovery Procedures in a check list format

• Plan Administration Process

• Technical Appendix including definition of necessary phone numbers and contact points

• Job Description for Disaster Recovery Manager (3 pages long) - entire disaster recovery team job descriptions are available.

• Work Plan to modify and implement the template.  Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)

There is a extensive section that show how a full test of the DRP can be conducted.  It includes

• Disaster Recovery Manager Responsibilities

• Distribution of the Disaster Recovery Plan

• Maintenance of the Business Impact Analysis

• Training of the Disaster Recovery Team

• Testing of the Disaster Recovery Plan

• Evaluation of the Disaster Recovery Plan Tests

• Maintenance of the Disaster Recovery Plan

Click on the link below to get the DRP/BC sample pages now and make it a part of your disaster recovery toolkit.

 

 

 

Testimonials

 

Testimonial - Dave Baker - City of Hamilton - I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Lauch Testing Lab - The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care - I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation - We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.

* Update service is for 12 months unless it is purchased within 30 days of the purchase of the Template.  Janco reserves the right to validate purchase of the customer was made for the template.

 

This template is not for resale or re-distribution - Disaster Recovery Planning Template Disaster Recovery r

 

 

 

 

Live Disaster Recovery News

Metrics for Organizations with no Disaster Recovery Business Continuity Plan

According to Janco Associates, an International Disaster Recovery - Business Continuity consultancy the most common form of enterprise wide disaster is related to power outages.  Janco has found that in disaster recovery and business continuity cases it has reviewed the following is true:

• Over one third companies take more than a day to recover from a major power outage caused by events like hurricanes and extensive disasters.
• Over eleven percent of companies take more than a week to recover from these events.
• The typical time to reconfigure a network that has not been planned for can take up to 72 hours - if the resources are available.
• Data that is lost (not backup up electronically) can take weeks to re-enter if there is paper trail and if there is none the data can be lost forever.
• Over 85 percent of companies that experience a computer disaster and do not have a Disaster Recovery - Business Continuity Plan go out of business within 18 months.

 

Disaster Recovery Planning Scope

All Disaster Recovery Planning and Business Continuity Planning need to encompass how employees will communicate, where they will go and how they will keep doing their jobs. The details can vary greatly, depending on the size and scope of a company and the way it does business. For some businesses, issues such as supply chain logistics are most crucial and are the focus on the plan. For others, information technology may play a more pivotal role, and the Disaster Recovery and Business Continuity plan may have more of a focus on systems recovery.

But the critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other. At its heart, BC/DR is about constant communication. Business leaders and IT leaders should work together to determine what kind of plan is necessary and which systems and business units are most crucial to the company. Together, they should decide which people are responsible for declaring a disruptive event and mitigating its effects. Most importantly, the plan should establish a process for locating and communicating with employees after such an event. In a catastrophic event (Hurricane Katrina being a recent example), the plan will also need to take into account that many of those employees will have more pressing concerns than getting back to work.

 

Disaster Recovery Metric Defined

A proposed overall metric for Disaster Recovery is Total Time to Disaster Recovery (TTDR), which is the time it takes to backup the data, deduplication of the data, replication of the data at remote DR site, and then finally recovery of the data so it is in an operational state. This metric is all-inclusive as it takes into consideration every aspect of the backup and recovery environment into account when performing a true disaster recovery.

Recovery and data replication are the much more important ones issues that need to be considered. It is great to backup data fast, but if it takes three times as long to recover it, try to explain that to your CIO when a major application goes out and he is standing over your shoulder waiting for the data to be recovered.

TTDR includes:

• Backing up the data
• De-duplicating the data, and
• Replicating the data to the remote disaster recovery site
• Setting the data and the applications to an operational state

 

Backup For Disaster Recovery and Business Continuity Now Easier

Quantum Corp. a global specialist in backup, recovery and archive, announced two new product releases designed to help end users solve the challenges of data backup and recovery across distributed environments by improving local data protection and disaster recovery (DR) while streamlining management and reducing costs. The latest addition of disk backup solutions with deduplication and replication, the appliance is optimized for remote and branch office environments that are part of a distributed enterprise. The other software product release provides new centralized, multi-tier management and reporting capabilities for unifying backup resources, including disk and tape.

 

Disaster Recovery Business Continuity Basics

The basics of a Disaster Recovery Business Continuity Plan are defined in the Janco Disaster Recovery Business Continuity Template. They are:

• Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
• Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components.
• Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
• Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
• Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
• Plan testing, training and exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
• Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.

 

New Devices Make Backup Easier to Implement

Backup and recovery while complex may be easier as media vendors release new advanced products. While many external drives now come with a physical push-button backup option, a new genre of backup devices is emerging one-touch USB flash drives that combine the convenience of small size with relatively sophisticated backup applications for data protection.

The latest to arrive is the SanDisk Ultra Backup USB Flash Drive, which combines push-button backups with SanDisk's U3 smart-drive technology that allows a user to store Windows PC user preferences, profiles and settings as well as download and launch a limited number of applications from the flash drive.

 

Disaster Recovery Business Continuity Templates Addresses Mid-sized Requirement

Mid-sized businesses have long struggled to protect their IT systems. Many firms are inadequately protected and mistakenly think that a disaster is rare and will not happen to them anytime soon.  There is a lot of confusion and misunderstanding regarding what disaster recovery encompasses and how to implement it effectively. The Janco Disaster Recovery / Business Continuity Temple provides CIO and CFO with tools that address minor and major disaster scenarios. This template also clarifies what true disaster recovery means and how backup and high availability are not true DR solutions. Janco studies the newest technology trends, such as virtualization and storage replication, which make powerful DR solutions attainable and affordable even for mid-sized businesses.

 

What is critical in creating a DRP BCP that works?

Good disaster recovery planning is about identifying those processes and resources that are truly critical, developing realistic recovery objectives for them and then developing a plan that can achieve those objectives as simply and cost-effectively as possible.

The reality is that a sophisticated DR plan that is too complex or expensive to properly maintain and test is worse than a plan that only does the minimum because it gives a false sense of security.

CIOs must make the right decisions in order to develop an effective, executable plan that allows their organization to create a process which will help them to recover critical enterprise functions after a disaster.

 

Backup Service Providers May Not Be Enough

Your data is only as safe as its most recent backup.  But what happens when you have worked on your laptop with enterprise critical data and it is lost or damaged.  You data is only as redundant as the integrity of the data that you have stored on your servers, but in this case you may have a compliance issue that you have not addressed. For companies that service customers in the cloud, if they cannot offer 99.9999% uptime and absolutely ensure data backup and restoration, they might as well not be in business.

There are a few issues at hand here. Not only must the backup provider ensure that the data is accurately and securely backed up whereby every packet and byte is accounted for, but you must also ensure that when the time comes, the data is "clean" enough to be plugged back into the system without a hiccup. It's the hiccup that companies need to avoid which is why they look for ways to backup their data to begin with, however they aren't always as proactive as the results they were expecting.

 

CIOs see Disaster Recovery and Business Continuity Budgets Slashed

Many CIOs have seen their disaster recovery budget for 2009 slashed and are wondering how they can recover when a disaster occurs.  CIOs are now looking for solution that that will not cost any money upfront. CIOs feel they can get money to recover if they have solution in place. CIOs cannot sit idly by while they roll out critical services without the safety net of Disaster Recovery / Business Continuity Plan in place - that is like skiing without a helmet or driving a car with no seat belt. For most, there is a very good chance that nothing bad will happen, but if something does go wrong, the consequences can be so severe that the overall risk is unacceptable.