Disaster Recovery Planning
Disaster Recovery PlanningCSH5 Chapter 59Disaster Recovery
PlanningMichael MioraNCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights reserved.1
TopicsIntroductionIdentifying Threats and Disaster
ScenariosDeveloping Recovery StrategiesDesigning Recovery
TasksImplementation and Readiness
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.2
Scope of DRPBIA* determines key functionsEstablishes sequence
for recoveryBuilds economics of case for recoveryDRP focuses on
detailed recovery strategiesAnalyze and test critical path to
recoveryMay begin while disaster in progressEstablish essential
servicesContinue through to normal operations*Business Impact
Analysis see CSH5 Ch 58NCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights reserved.3
TopicsIntroductionIdentifying Threats and Disaster
ScenariosDeveloping Recovery StrategiesDesigning Recovery
TasksImplementation and Readiness
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.4ThreatsCompile extensive list of
threats to operationsRely on cooperation of emergency
servicesFirePoliceFlood district managersCompiling lists is useful
in itselfDefine levels of impactHelps develop risk-mitigation
plans
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.5
Examples of Threats to Consider (from Ex. 59.1)AccidentsActs of
G-dAircraft accidentsAlchohol abuseArea evacuationArsonBoiler
explosionBomb threatBrownoutBldg inaccessible. . . .. . .
.SabotageSand stormSnow stormStrikeTerrorismTornadoUtility
failureVolcanoWater damageWater supply failureNCopyright 2013 M. E.
Kabay. All rights reserved.Copyright 2004 M. E. Kabay. All rights
reserved.6Disaster Recovery ScenariosApply survivable technologies
to mission-critical functionsE.g., eliminate single points of
failure where practicalE.g., invest in remote location for part of
corporate data processingEscalation scenariosEstablish timelines
for increasing application of recovery measuresMust plan
carefullyAvoid ambiguity in decision points
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.7Escalation TimelinesIllustrates
how DRP specifies decisions and actionsMust identify who makes the
decisionEveryone has to know exactly who has authority to move to
next phaseCannot argue about decision while disaster is in
progressMust be practiced repeatedly (see later)
Escalation TimelineNCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights
reserved.8Classifying the Damage
. . . .
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.9Simplifying the ScenariosUse
complete listing to identify major scenarios of concernEstablish
key scenarios; e.g.,Systems onlyPartial building unusableFull
building unusableExpect radically different DRPs for these types of
disastersEverything depends on specifics of the situation no
boilerplates
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.10Categories of
FunctionalityCategory IEssential, mission-critical and
time-sensitiveCategory IIEssential, mission-critical but later in
sequenceOtherNecessary but not immediately critical
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.11
TopicsIntroductionIdentifying Threats and Disaster
ScenariosDeveloping Recovery StrategiesDesigning Recovery
TasksImplementation and Readiness
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.12Recovery PhasesExpect to
identify 3 basic phasesContinuation of critical functions
(Continuation)Recovery of critical functions (Recovery I)Recovery
of other functions (Recovery II)See Figure 59.4 on next
slideNCopyright 2013 M. E. Kabay. All rights reserved.Copyright
2004 M. E. Kabay. All rights reserved.13CSH5 Exhibit 59.4
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.14
ContinuationBegins immediately at time of disasterSupport
Category I functions as best as possibleRespect time frames defined
by BIAConsider possible alternate task assignments for people whose
regular duties are impossibleNCopyright 2013 M. E. Kabay. All
rights reserved.Copyright 2004 M. E. Kabay. All rights
reserved.15Recovery IRestore nearly full functionality to Category
I functionsCan start shortly after Continuation Phase has
stabilizedBut usually starts quickly during Continuation
PhaseMinimize period of degraded functions for Category IUse
overlapping recovery to degree possibleNCopyright 2013 M. E. Kabay.
All rights reserved.Copyright 2004 M. E. Kabay. All rights
reserved.16Recovery IIContinue recovery of lesser, later
functionsAll of these timelines are plannedDo not assume that you
can play it by earNo time to debate and discuss critical path
during recovery phasesNCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights reserved.17Range of
Strategies for DRP
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.18Data Backup ScenariosData backup
is a key function in all system installations. The best recovery
strategy, chosen to meet recovery timelines according to the BIA,
is useless without a backup from which to restore and resume
operations. Data backup is perhaps the single most critical element
of a disaster recovery plan, yet only 31 percent of U.S. companies
have backup plans and equipment. Michael Miora, CSH5 59NCopyright
2013 M. E. Kabay. All rights reserved.Copyright 2004 M. E. Kabay.
All rights reserved.19
TopicsIntroductionIdentifying Threats and Disaster
ScenariosDeveloping Recovery StrategiesDesigning Recovery
TasksImplementation and Readiness
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.20The Overall Plan
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.21Beginning Sequence
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.22Middle Sequence
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.23End Sequence
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.24
TopicsIntroductionIdentifying Threats and Disaster
ScenariosDeveloping Recovery StrategiesDesigning Recovery
TasksImplementation and Readiness
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.25RehearsalsPhased
testingBottom-up approachLimited tests in restricted areasIntegrate
tested procedures in larger aggregationsIdeally, use separate test
facilitiesInvolve real users
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.26Intensive Record-KeepingAssign
scribes who observe and take notes in rehearsals Have time-keepers
with stop-watches to help scribesUse video-cameras where possible
(use time-stamps)Useful for intensive analysis of errorsLeads to
rapid corrections and improvements
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.27
Walk-Through or Post-Mortemfor Rehearsals AND Real DRPAnalyze
cases with all concernedNot for assigning blame!Constructive
discussions as teamsEgoless work essentialEveryone benefits from
identifying problemsAnalyze causes, not just symptoms"St Jerome and
the Angel" by Simon Vouet 1620s, National Gallery of Art,
WashingtonNCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights reserved.28
TestingAs plans mature, need increasingly real testsSchedule
tests during off-timeInvolve people from all sectorsPractice
responses, decisionsInvent unexpected scenarios to stress the
plansMEASURE the results and analyzeNCopyright 2013 M. E. Kabay.
All rights reserved.Copyright 2004 M. E. Kabay. All rights
reserved.29Live TestsMost difficult to arrangeDO NOT TRY TO
SURPRISE PEOPLECan themselves result in disaster if not carefully
plannedIdeally, use sectional tests with unannounced times (but
with advance notice of general plans)If possible, plan for
simulated tests on weekendsShould schedule at least one full test
per year
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.30Training FilmReady for Anything
(used in BCP)Commonwealth FilmsYou can use this film for extra
points (see later)
NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.31Review Questions (1)Why is
compiling lists of possible threats helpful in DRP?What is an
escalation scenario in DRP? What are the required attributes of the
escalation scenarios?How can one simplify an extensive list of
possible disasters for the purpose of DRP?What are Mioras three
categories of functionality in DRP?What are Mioras three phases of
recovery in DRP?Why are reciprocal agreements so badly rated in the
range of recovery strategies discussed in CSH4 Chapter
43?NCopyright 2013 M. E. Kabay. All rights reserved.Copyright 2004
M. E. Kabay. All rights reserved.32Review Questions (2)What are the
characteristics of the ideal DRP strategy (one that may not be
attainable in practice)?Which of the strategies for DRP rates the
highest in attaining the ideal?Why is data backup such an essential
component of DRP?Why are rehearsals such an important element of
DRP?What are the essential ground rules of a walk-through in a DRP
analysis of a rehearsal or test?NCopyright 2013 M. E. Kabay. All
rights reserved.Copyright 2004 M. E. Kabay. All rights
reserved.33DISCUSSIONNCopyright 2013 M. E. Kabay. All rights
reserved.Copyright 2004 M. E. Kabay. All rights reserved.34
