Why and How You Should Integrate Your Disaster Recovery Plan into Your IT Service Management

A well thought out and appropriately written Disaster Recovery Plan can be the major difference in how fast your business can be up and running following an interruption in your IT operations.

istock 511068092

A well thought out and appropriately written Disaster Recovery Plan can be the major difference in how fast your business can be up and running following an interruption in your IT operations. But, even when a Disaster Recovery Plan seems to meet the needs of your business, there’s always the possibility it may not be optimal. That’s because most Disaster Recovery Plans are focused on major IT disasters.

However, it’s far more likely that an interruption in your IT service operations will result from less-dramatic causes, such as a server failure or an Internet connection outage. So, disasters need to be viewed on a continuum. Your Disaster Recovery Plan needs to account for the entire range of possible disasters, from isolated ones, like a disk failure, to a major catastrophe, for example a fire or a natural disaster.

How do you make sure your Disaster Recovery Plan covers the entire spectrum of possibilities? The answer is to manage your Disaster Recovery Plan as an extension of your IT service management.

Why integrate Disaster Recovery Plan into your IT Service Management?

By accounting for disaster scenarios in your IT service management processes, you can integrate disaster recovery thinking into normal IT operations. This will reduce the possibility of extended system outages in a disaster, as well as provide you with a complete action plan for any incident, large or small.

What happens if the disaster is less obvious? Do you know when to escalate those seemingly less harmful incidents and begin to initiate recovery procedures? By integrating your Disaster Recovery Plan into your overall IT service management processes, it becomes much clearer when it’s necessary to invoke disaster recovery procedures, rather than continuing to try and troubleshoot your way out of the situation.

Knowledge is power, so the more you know about your systems and what to do in case of failures of any size, the less likely you are to experience a long service interruption.

How to integrate your Disaster Recovery Plan into your IT service management

One of the best ways you can start the integration between your Disaster Recovery Plan and your IT service management is by performing a Business Impact Analysis on all your IT systems. The Business Impact Analysis focuses on prioritizing the components of your IT systems, which will help you to determine and document which of your systems are Mission Critical, Important, or Not Important for your day-to-day operations.

Starting with your Mission Critical components, here is a list of steps to follow to implement your Disaster Recovery Plan and regular IT services management together:

  • Step 1. Determine the impact of downtime and, if needed, reassess the criticality you’ve assigned to the component.
  • Step 2. Identify any system dependencies that exist.
  • Step 3. Perform a risk assessment to determine where to prioritize your investments to meet your Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
  • Step 4. Once you have the Mission Critical guidelines completed, continue with the same process for your Important systems and then your Non-Important systems.

What should you consider when integrating your Disaster Recovery Plan with your IT service management?

There are three critical elements to consider for integrating your Disaster Recovery Plan with your IT service management: prioritizing the severity of the disasters that could occur, defining appropriate escalation time frames, and defining Disaster Recovery timelines and goals.

  • Element #1: Prioritizing Disaster Severity

Disasters don’t start with equal priorities. The response to a disaster that takes your entire system offline will be much different than a failure of a single component. Therefore, you should review all possible issues that could happen and assign each of them a priority level that’s based on the impact it could have on your business. For example, obvious disasters might have a severity level of 0. Critical issues might be level 1. Urgent issues might be level 2, and so on.

  • Element #2: Escalation Time Frames

While a level 0 disaster would result in the immediate execution of your Disaster Recovery Plan, lower level incidents could likely be first handled by your troubleshooting team as part of your IT service management. But, to avoid the possibility of an extended system outage, you need to have clear time frames on when troubleshooting stops and disaster recovery begins.

  • Element #3: Disaster Recovery Timelines and Goals

No matter when your Disaster Recovery Plan is activated, clear timelines and goals (i.e. RTO and RPO) need to be in place.


Disaster Recovery Planning – Do’s and Don’ts

When implementing a Disaster Recovery Plan, there are a few things you should do, and some things you shouldn’t. See below some Disaster Recovery Planning Do’s and Don’ts.


Disaster Recovery Planning – Do’s

There’s no point in having a Disaster Recovery Plan that can’t be followed in an actual disaster, so your Disaster Recovery Plan documentation needs to be concise, easy to scan, and effective. In our experience, visual-based documentation (flowcharts, checklists, and diagrams) meets these requirements and it is much more likely to result in a successful Disaster Recovery. After all, a picture is worth a thousand words!

  • Flowcharts: Flowcharts provide an at-a-glance view, which is ideal for disaster situations where the pressure is high and quick communication is vital. Flowcharts can be used to document process flows or give a high-level overview of more detailed procedures.
  • Checklists: Checklists provide a quick list of steps to take for any part of a Disaster Recovery Plan (as well as a means of recording that the steps were taken, if desirable). Checklists are ideal in helping improve the speed and accuracy of performing Disaster Recovery Plan tasks. Use checklists when staff just needs a reminder of what to do, not how to do it.
  • Diagrams: Use topology diagrams to capture your network layout, integrations and system information. Diagrams are useful in that they can help put context to flowcharts and checklists.


Disaster Recovery Planning – Don’ts

Today, the majority of businesses with a full or mostly completed Disaster Recovery Plan actually feel their plan would not be effective in a crisis. Why is that?  Some might say it’s because they’ve engaged in some of the following don’ts of Disaster Recovery Planning:

  • Don’t make your Disaster Recovery Plan a traditional user manual with detailed and lengthy descriptions and procedures. This is not an effective document in an actual disaster. You won’t have time to read through a lengthy document.
  • Don’t underestimate the importance of having a Disaster Recovery Plan. While recognizing Disaster Recovery is important, businesses often place a low priority on creating a Disaster Recovery Plan and the day-to-day Standard Operating Procedures required to support a recovery.
  • Don’t assume your Disaster Recovery Plan will be effective without updates. Disaster Recovery Plans should be reviewed, at minimum, on an annual basis. There is often a lack of effective processes for ensuring the Disaster Recovery Plan is updated regularly.
  • Don’t create a Disaster Recovery Plan just for the sake of having one. Creating the documentation for a Disaster Recovery Plan can take a large amount of time. Don’t waste effort on producing documentation that may satisfy auditors or business leaders, but will prove unusable during a real crisis.


Improve the Success of your Disaster Recovery Plan

Your Disaster Recovery Plan is likely to be more successful in more scenarios by integrating it with your regular IT services management. Need a little help? Work with an experienced organization, like ProServeIT, to help you achieve successful integration of your Disaster Recovery with your IT service management. If you’d like to learn more about Disaster Recovery, watch this on-demand webinar at your leisure.

About ProServeIT

As a multi-award-winning Microsoft Gold Partner, ProServeIT has been helping organizations of all sizes increase their efficiency, eliminate their “IT debt” and apply a security lens to everything they do. ProServeIT understands that every organization has different needs and challenges, and will work with you to understand your organization’s culture, your customers, and what’s most important t you as a company. Providing customized solutions that help you simplify your IT infrastructure, increase your team’s productivity, and grow your business, ProServeIT can use their expertise and experience to digitally transform your business.