14 December 2023

Are you ready for the unexpected?

When did you last review the contents of your IT disaster recovery plan and put it to the test?

An effective IT disaster recovery (DR) plan is essential to ensure that business continuity can be maintained in the face of any unforeseen events.

If not regularly reviewed and updated then there are implications for the effectiveness of the plan should it be called into action.

A cartoon of people in a boardroom reviewing their IT Disaster Revovery plan with the caption 'Here's our current disaster recovery plan. I'm not super confident in it..."

Disaster Recovery Quiz

1. Is your DR Plan up to date?

2. Are the device or server names still correct?

3. Is your DR Plan comprehensive enough so someone other than your normal day to day engineer(s) can run the plan?

4. Does it have sequencing and detailed steps?

5. Do you have individual system plans where needed?

6. Have you performed a business impact analysis with your business functions to understand what your critical systems are?

7. Can the underlying IT technology and disaster recovery strategy meet those business need – i.e. Recovery Time Objectives (RTO’s) and Recovery Point Objectives (RPO’s)?

8. How do you manage changes in your IT environment to ensure your DR plan remains effective?

9. Has your DR plan been tested in a live failover?

10. What smoke tests did you perform, and were they adequate?

11. What were the learnings from your DR test, and have you implemented those corrective actions?

12. Does your secondary failover site have enough compute power and storage capacity to run your production workloads?

13. Is your backup off-site placed locally or out of region?

14. Have you tested the restoration of your backups?

15. What processes do you have in place to validate the integrity of backups?

16. How long do you think it would take to restore your critical systems from backups if needed?

17. Do you conduct regular third-party audits of your DR and backup systems?

18. Do you have an incident management plan that covers major incidents and when to invoke the IT DR plan?

19. What playbooks do you have covered? – eg have you covered a ransomware scenario or total loss of your primary site production facilities etc

20. What communication plans do you have in the event of disaster, can you reach everybody and have you listed their contact details (including critical suppliers)?

21. How dependent are you on external vendors for your DR and backup solutions?

22. What are your critical external vendors’ approach to DR and do they have a plan?

23. Do you have sufficient insurances to recover from an IT disaster?

Hopefully you’ve been able to provide answers to the questions listed above.

If you would like to discuss DR planning and testing with one of our consultants then feel free to drop us a note.

 

Merry Christmas Message from Kaon Security

 

Cyber risk - what do you know about your Vendors, Partners and Service Providers? >

Contact Us Today

Fill in the form below or call us on +64 9 570 2233