How well do you know your own organization? Assessing your need for Disaster Recovery should be an intensive examination that may even teach you some things you didn’t know about it. Because what you want to establish is the scope of a potential DR program, and scope is firmly tied to the fundamental aspects of the what, where and how your organization does its business, and the things that are most critical to it.
In order to determine the scope of an appropriate DR program for your organization, you need to step back to the beginning of the process and be able to look at the big picture. What is your mission? You need to be able to identify your key products and services. You need to determine how important these are to sustaining your customers, your clients, your core business.
Step Back For A Big Picture Analysis
This big-picture analysis must thoroughly consider your customers. How do your customers interact with your key products and services? Where and how do you provide customer service? What are the most important things driving your revenues and margins?
Stepping back and examining these aspects of your organization in an objective way allows you to prioritize them, which helps you determine what the scope of a disaster recovery program will be. Your first disaster recovery focus will be on those locations critical to activities that are most important for sustaining your business.
The step-back approach allows you to see the workarounds, back-up, or contingency systems you need in place in order to continue delivering the most critical products and services to your market. When you’re looking at DR, you are looking at sites and a collection of systems that may be operating out of those sites.
A DR program seems more real and less theoretical when it is tied to threat mitigation measures that are aimed at a specific group of systems, as opposed to the organization as a whole. This approach tends to make your disaster recovery maintain focus at higher-value collections of threat mitigation measures – for example, making sure you have continuous power, security & access, cooling, and anything else that’s critical for running and protecting computers and data centers.
Be Prepared to Consider All Scenarios
A step-back analysis may also inspire you to scope your DR plans to include particular, specialized hazard scenarios. You may be particularly mindful of threats from wind or water or earthquakes or terrorism, or even gross miscalculations and employee error. If so, you may feel it necessary to adjust your disaster recovery focus to offset those specific things.
The scope of your DR plans may also be reconsidered in light of current events. For example, the recent terrorism strikes in Paris would most certainly inspire organizations in similar geo-political areas to re-examine their disaster recovery focus to take into account their evolving threat landscape.
The key point is this: your organization is less likely to develop an appropriate Disaster Recovery program without a thorough self-analysis and an exhaustive examination not only of your most critical systems and functions, but also of any and all threats those systems and functions face.
