Disaster Recovery Plan - Business Continuity Plan Template


ISO 27000 ( formerly ISO 17799 ) - Sarbanes-Oxley - HIPAA - PCI-DSS Compliant

OrderDownload Table of ContentsLessons Learned

Data center and information systems infrastructure are the backbone enabler's of most companies’ critical business processes. When organizations experience a major disaster or disruption, ensuring operational continuity for critical business processes requires that IT and electronic data be recovered in a timely manner.

The IT Disaster Recovery Business Continuity Template delivers a proven solution designed to protect and, if necessary, relocate critical information systems to alternate data center facilities. The Disaster Recovery Business Continuity Template does this by employing a comprehensive strategic and tactical planning approach that aligns recovery solutions with key business requirements and tolerances for disruption. The Disaster Recovery Business Continuity Template also delivers an actionable recovery plans that will direct your staff to respond to events beginning from the point of an initial data center disruption through alternate site relocation, operational recovery and return to your home facilities.

The Disaster Recovery Business Continuity Template has helped hundreds of organizations across a broad spectrum of industries in the creation of actionable Disaster Recovery and Business Continuity plan. DRP BCP Audit Program

This Disaster Recovery Plan (DRP) can be used as a Disaster Planning template for any enterprise. The Disaster Recovery template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant.  The Disaster Planning Template comes as a Word document and includes:

  • Disaster Recovery Plan and Business Continuity Template
  • Business and IT Impact Analysis Questionnaire
  • Work Plan
  • Disaster Planning Audit Program
  • Incident (Media) Communication Plan/Policy

Features include:

  • Disaster Recovery PlanningCompliance with ISO 27000 ( ISO 27001, ISO 27002, and ISO 27031), Sarbanes-Oxley and HIPAA standards
  • Web Site Disaster Recovery Planning Form
  • Department Disaster Recovery Activation Workbook
    • Quick Reference Guide
    • Team Alert List (Form)
    • DRP Team Responsibilities
    • DRP Team Checklist
    • Critical Function(s) Definition
    • Normal Business Hour Response Procedures
    • After Hours Response Procedures
    • DRP Location(s) Definition
    • DRP Recovery Procedures
    • Notification Procedures
    • Notification Call List (Form)
  • Updated Business and IT Impact Analysis Questionnaire
  • Vendor Disaster Recovery Questionnaire
  • Vendor Phone List Form Updated
  • Key Customer Notification Form
  • Critical Resources to be Retrieved Form
  • Business Continuity Off-Site Materials Form
The premium edition contains full multi-page job descriptions for:
  • Chief Information Officer
  • Chief Security Officer
  • Chief Compliance Officer
  • VP Strategy and Architecture
  • Director Disaster Recovery and Business Continuity
  • Director e-Commerce
  • Director Media Communications
  • Manager Disaster Recovery
  • Manager Disaster Recovery and Business ContinuityDisaster Recovery Coordinator
  • Disaster Recovery - Special Projects Supervisor
  • Manager Database
  • Capacity Planning Supervisor
  • Manager Media Library Support
  • Manager Site Management; and
  • Pandemic Coordinator

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

  • Plan Introduction
  • Business Impact Analysis - including a sample impact matrix
  • DRP Organization Responsibilities pre and post disaster - drp checklist
  • Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.
  • Recovery Strategy including approach, escalation plan process and decision points
  • Disaster Recovery Procedures in a check list format
  • Plan Administration Process
  • Technical Appendix including definition of necessary phone numbers and contact points
  • Job Description for Disaster Recovery Manager (3 pages long) - entire disaster recovery team job descriptions are available.
  • Work Plan to modify and implement the template.  Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)
There is a extensive section that show how a full test of the DRP can be conducted.  It includes

  • Disaster Recovery Manager Responsibilities
  • Distribution of the Disaster Recovery Plan
  • Maintenance of the Business Impact Analysis
  • Training of the Disaster Recovery Team
  • Testing of the Disaster Recovery Plan
  • Evaluation of the Disaster Recovery Plan Tests
  • Maintenance of the Disaster Recovery Plan

Click on the link below to get the DRP/BC sample pages now and make it a part of your disaster recovery toolkit.

OrderDownload Table of Contents

Testimonial - Dave Baker - City of Hamilton - I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Launch Testing Lab - The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care - I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation - We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.

* Update service is for 12 months unless it is purchased within 30 days of the purchase of the Template.  Janco reserves the right to validate purchase of the customer was made for the template.

 

This template is not for resale or re-distribution - Disaster Recovery Planning Template Disaster Recovery Guide

 

Learn more about Data Destruction

 

Disaster Recovery Business Continuity News

[New Topic]

Disaster Planning

Whether you arfe a one-man operation or an international corporation, your business relies on a set of core processes used by people in specific roles who require certain IT systems and data. When disaster strikes, these people need to find a way to keep these processes up and running.

But too often, DR strategies focus more on the type of disaster than the particular business processes you need to protect. Focusing on the business instead of merely on the disaster helps to ensure your business can survive many challenges you might never have considered.

 Order Disaster Plan TemplateDisaster Plan Sample

This disaster recovery plan template is a road map for how businesses of all sizes can develop an effective business continuity plan designed to minimize the impact of disasters and reduce risk of time, money, valuable data, and reputation.

- more info

Disaster Recovery Business Continuity Strategy Definition

One recent survey finds that onetime events, such as the Japanese tsunami, the Arab Spring, and Europe's sovereign debt crisis, exposed vulnerabilities in private companies' business continuity preparedness. Among the chief executives surveyed only a minority say they are very confident that their current risk management strategies will prove effective over the next few years, with nearly one-third (29 percent) citing the need to revisit those strategies.

Disaster Types

 Order Disaster Plan TemplateDisaster Plan Sample

The need to revisit business continuity strategy was also cited by a greater percentage of companies that have over seas operations (39 percent), compared with US-only companies (21 percent). International companies are also more alert to the threat and potential effects of low-probability, high-impact events: 81 percent of companies that feel a need to revisit business continuity plans in light of last year's events.

Among companies that are changing their business continuity plans, there seems to be a disconnect between where they think their focus should be and where it actually is. While most of them (87 percent) agree that they need to focus more on planning for a broad range of emerging risks, the bulk of their business continuity effort (70 percent) goes into preparing for known, recurring risks; a considerably smaller 30 percent of their effort goes into planning for as-yet-unknown events.

- more info

A business continuity plan defined

A business continuity plan is a users' guide - the documentation - for how to preserve an organization.  In order for a plan to be useful, it must be created before an interruption occurs.  Business continuity is disaster recovery.  Lost revenue is a driving force in business continuity.  The reason to do a recovery plan is essentially to keep the funding coming in and the services going, and the clients being served.

  • Emergency planning are those procedures and steps done immediately after an interruption to business.
  • Disaster recovery are the steps taken to restore some functions so that some level of services can be offered.
  • Business continuity is restoration planning, completing the full circle to get your organization back to where it was before an interruption.

 Order Disaster Plan TemplateDisaster Plan Sample

MTO Disaster Timeline

- more info

Business Continuity Planning 101

Disaster Business Continuity

The basic process for developing a business continuity plan is:

Order Disaster Plan TemplateDisaster Plan Template

  • Create a business continuity planning team: Members should be from operations management, the chief security officer, the IT department, legal staff, and human resources.
  • Define leadership roles: Determine which executives and employees are critical to operating the business (and supporting customers) that need to have access to key systems and information at all time.
  • Assume the worst and plan for needed extra capacity: Before an event occurs, businesses need to plan ahead for increased network bandwidth and secured remote access requirements.
  • Define emergency voice and data communications solutions: There are many to choose from, but a SSL VPN is one of the leading solutions to provide flexible, remote access, which is essential to any business continuity plan.
  • Define access points for operations, network and IT: Create a business continuity portal for employees and partners. If the company has an Intranet, this site becomes command central from which employees can access information - HR policies, emergency contacts and a "start here" feature should be included.
  • Contract for a secondary back-up site: Should the primary site be unavailable, companies should have a real-time mirror of data and staff housed at a secure facility.
  • Backup data: In the event that the secondary site is unavailable, organizations should plan for multiple layers of failover.
  • Plan to utilize smartphones and tablets: With mobile devices and "wireless networks", IT departments can leverage these tools to ensure complete connectivity in times of emergencies.
  • Pre-arrange Internet meeting capabilities: In the event of an office closure, employees still need to communicate internally or with external parties (i.e. suppliers, customers). Implement the technology before it is needed
  • Review number of sites and VPN gateways: Conducting an annual audit to provide a complete picture of your network and the ability to address problem areas before a disaster strikes.
  • Test and  test again: These 'fire drills' enable the business continuity team to see how the current system is working, especially when employees are accessing information from remote locations (i.e. from home, a relative's house, and hotel). Once complete, those in management, IT and human resources can modify their business continuity plan accordingly.
- more info

Many large companies believe they are immune to disasters

Disaster Strikes Amazon - Europe down for two days

A lightning strike knocked out servers at Amazon's only European data center and the provider has warned some of those affected face delays of up to two days before they get back online.

Preparing for Disaster

     

Amazon has told its EC2 customers in Europe some of them could face outages of as long as 24 to 48 hours as the cloud provider struggles to recover from a lightning strike that disrupted power supplies to its Dublin, Ireland data center. It took 3 hours to recover the first of the affected instances last evening European time (midday Pacific Time) and after almost 12 hours a quarter still remained offline, with knock-on effects slowing their likely recovery time.

- more info

Small business interruptions often become full scale disasters

DRP/BCP Security Templates
Many business interruptions which can be classified as disasters  are caused by infrastructure outages or human error, but they can also be the result of random power outages, natural disasters or international events. Clearly, any of these disruptions can be costly and undermine your ability to maintain IT operations. Unplanned outages can also create far-reaching consequences that impact your long-term revenue stream, your brand and ultimately, your organization’s survival. Forward-thinking leaders are experiencing a wake-up call, recognizing that the probability and types of risk to business continuity are higher than commonly believed, and they are taking steps to improve their resiliency capabilities.

Disaster Types

Order Disaster Plan TemplateDisaster Plan Template

Supply chain interdependencies, increasing regulatory requirements and geographically dispersed businesses encompassing everything from traditional storefronts to online operations, organizations are facing intense pressure to improve performance, maintain continuous availability and ensure data integrity. Areas of concern that organizations need to focus on include enterprise and work area risk, availability of critical data and business applications, IT stability, recoverability of IT infrastructure, data backup and disaster recovery.

They also need to determine the constantly changing governmental and industry regulations associated with business continuity that apply to them and have a plan in place to manage compliance. Meeting these demands in a global economy means today's enterprise must be highly resilient and able to anticipate multiple risks. At the same time, organizations should be prepared to withstand unexpected disruptions of all types while remaining poised to take advantage of new opportunities.

- more info

Disaster Reovery Planning

Preparing for Disaster

Effective disaster recovery planning depends on the people involved.  The resulting strategies and procedures are born out of cooperation and collaboration, combining requirements, strategies and steps to form a cohesive program for employee safety and business continuity.  To create a full-fledged program for disaster recovery, the right resources must be pulled together, at the right time, and for the right purpose.

Order Disaster Plan TemplateDisaster Plan Template

- more info

Disaster planning needs to consider political violence and terrorisim

Cloud DRP Security
Incident Communication PolicyThe Terrorism and Political Violence Map shows increased risk of political violence in the Middle East and North Africa, reflecting the significant turbulence of the Arab Spring uprisings in the region. The risk of coup d'etat and rebellions in Africa reflect a continent that presents a significant political violence risk. Civil unrest and employment disputes arising from austerity measures in Western European nations such as Greece, France, Spain and the UK are also reflected on the map. Meanwhile, terrorism continues to severely afflict established conflict zones like Iraq, Afghanistan, Pakistan and Somalia as well as parts of Nigeria and the Sahel region. The threat of occasional acts of international terrorism remains significant for most Western nations and major powers.

Disaster Plan

Explosion, Terrorist Attack, or Random act of Violence

  Order BCP Sample BCP

- more info

Core backup and recovery concerns

Backup PolicyCIOs and IT Managers need to consider manadated compliance requirements

  • Question that need to be answered are:
  • Is our data safe in transit and at rest?
  • What prevents hackers from gaining access to our data?
  • Is our data properly handled, stored, and deleted?
  • Who can access our data?
  • What are the benchmark measurements?
  • Is our data backup strategy compliant?
  • Will our recovery be successful?
- more info

How long should it take to create a business continuity plan?

Disaster Business Continuity

Business continuity planning is a continual process, and not something that is done once and filed away to be used in an emergency. In error many organisations treat the creation of a business continuity plan as a normal project, subsequently deploying the plan and handing over to an operational department for maintenance.

In most organizations, DR is the quintessential complex, unfamiliar task. Disasters happen so rarely that recovery operations are the opposite of routine. What's more the myriad, interconnected data, application and other resources that must be recovered after a disaster make recovery an exceptionally difficult and error-prone effort.

How to create a business continuity plan...

- more info