A disaster recovery plan and evacuation siren systems are important factors when faced with emergencies. This applies to various areas, including the field of computer security, is the set of technological measures and logistical or organizational measures to restore systems, data and infrastructure necessary to provide business services to companies, associations or institutions, in the face of severe emergencies that affect regular activities.
The Disaster Recovery Plan (DRP) is a document that spells out such measures. It is part of the wider Business Continuity Plan (BCP). For a correct application of the plan, the systems must be classified according to the following definitions :
Its functions cannot be performed without being replaced by tools (means) of the same type. Critical applications can not be replaced by manual methods. The tolerance in the event of interruption is low consequently the cost of an interruption is high.
The relevant functions can be performed manually but only for a short period. There is an increased tolerance to the interruption than that provided for critical systems, consequently, the cost of an interruption is lower because these functions can be reactivated within a short interval of time (generally within five days).
These functions can be performed manually, at tolerable cost, for a long period. Although these functions can be performed manually, their performance is however difficult and requires the use of a number of people in higher than normally expected under normal conditions.
Their functions may be interrupted for a long period with a modest or no cost to the company and requires limited (or no) effort to restart when the system is restored.
The application procedures, system software and files that have been classified and documented as critical must be restored. Applications, software and files classified as critical have a very low tolerance for interruptions. The criticality of applications, system software and data should be considered depending on the time of year when the disaster can happen.
A contingency plan should provide for the recovery of all business functions and not just the ICT service center. DRP must be evaluated on the most appropriate recovery strategies : alternative sites, back up methods, replacement of equipment and the roles and responsibilities of the team.
The prolonged unavailability of the elaborative service arising in particular from the disaster situation, and therefore of primary services, necessitates the use of evacuation siren systems and a recovery strategy in the alternative site.
The impact of these emergencies is such that it is estimated that most large companies spend between 2% and 4% of their IT budget on disaster recovery management planning in order to avoid larger losses in case activities can not continue due to the loss of data and IT infrastructure.
Leave a Reply