The IT Disaster Recovery Test as part of the Business Continuity testing is becoming an annual event for most IT departments. It is mandated by a lot of regulators, nearly insisted upon by internal audit and ofcourse a very healthy thing to do.
But performing the IT DRP test without proper risk management can put your organization at significant risk.
To put things into perspective, let's analyze the steps, risks and countermeasures of an IT Disaster Recovery test:
|DRP Test Step||Activity||Risks||Countermeasures|
|1. Failure of primary systems||In order to perform a disaster situation, the Primary systems need to be caused to fail on some level|
|2. Activation of Disaster Recovery systems||Severing any relation between the DR and the primary systems and running the DR systems as temporary primary|
|3. Reconfiguring the user environment||Intervening in the end-user environment in a way that will make them use the DR system|
|4. Reverting to the primary systems||Resuming the primary systems at some level and reestablishing the relation between the DR and the primary systems|
With all these risks, is it more prudent to never perform an IT DRP test? - Absolutely NOT, and here is why:
- Performing the IT DRP test actually confirms that things are running, and if something breaks, you are much more prepared for the next time.
- Not performing the test will just make you think everything is great, until the incident occurs. And the incident is just as certain as death and taxes
Talkback and comments are most welcome
iPhone Failed - Disaster Recovery Practical Insight
Business Continuity Analysis - Communication During Power Failure
Business Continuity Plan for Brick & Mortar Businesses
Example Business Continuity Plan For Online Business