14.1 Types of Disaster Recovery Plans


14.1 Types of Disaster Recovery Plans

There are various levels of testing that can occur to test a disaster recovery plan. The first is the most intensive, which is known as the full-interruption test. This is a full-scale drill that simulates shutting down the company site and attempting to bring up an alternate site. This is of course very intrusive to the organization as a whole, but provides the best feedback as to the effectiveness of the disaster recovery plan.

Just a bit lower on the accuracy meter, but still high on the complication and expense meter, is the simulation test. Unlike the full-interruption test where the entire organization is involved, the simulation test only involves those who are either on the disaster recovery team itself or those who support critical systems. The simulation test is an attempt to test the responsiveness of the team to a specific disaster scenario.

Most companies cannot afford or otherwise justify such extensive testing. Usually, they are interested in something that is not quite as intrusive. Another effective, but not quite as disruptive, test is known as the parallel test. During a parallel test, the disaster recovery team ensures that only critical systems can be brought online at an alternate site. Once the alternate site has been brought online, the results of any work done there are compared to the original site's output. This comparison will hopefully point out any changes that need to be made to the disaster recovery planning.

Depending on the scope of the disaster recovery plan, at a very minimum the plan should be examined and critiqued. This can be a matter of simply distributing the plan to the different departments and having them examine the plan as a whole. This helps ensure that major elements of the plan have not been omitted. The same process can also occur during some sort of face-to-face meeting where the department leaders meet and review the plan and hash out any differences in priorities or interdependencies, or simply critique the plan from the perspective of their department. The key in either situation is that if extensive testing is not possible, at the very least, review and input by as many knowledgeable people as possible will help minimize any shortcomings in the plan. Unlike the incident response plan that will have a chance to be tweaked over successive incidents, disasters are hopefully few and far between for any organization. The chance for iterative tuning of the disaster recovery plan will be quite limited.

While the chances to fine-tune the plan based on practical experience will hopefully be limited, the disaster recovery plan, like the rest of the security document, should be considered a living document and be regularly reviewed and updated. Changes to the business focus, the infrastructure, software applications, personnel changes, etc. can all affect the viability of the disaster recovery plan. For best effect, ensure that the disaster recovery document is treated in the same manner as the security policy as a whole. Schedule regular reviews and review the document when significant organizational changes occur. Include maintenance of the document in the regular review of disaster recovery team members and be sure to regularly test, train, and drill.

Here is to hoping that you never need to use the disaster recovery document. If, however, you do need to use it, make sure that you are not blowing dust off the top of it — keep the plan up-to-date and make sure you and your team know what to do when bad things happen.




Network Perimeter Security. Building Defense In-Depth
Network Perimeter Security: Building Defense In-Depth
ISBN: 0849316286
EAN: 2147483647
Year: 2004
Pages: 119
Authors: Cliff Riggs

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net