IT DR Plan Development
Information Capture
Teed’s consultant will facilitate discussions with ICT representatives and review of existing documentation (response and incident management procedures, playbooks, network diagrams, systems/server lists, policies, supplier contracts etc.).
This will allow an overarching IT Disaster Recovery (DR) Plan to be produced by Teed, incorporating the required information, process flows and checklists. The DR Plan ensures a controlled response and recovery in the event of a range of scenarios:
- Loss of a data centre
- Cloud service failure
- Cybersecurity incident
- Single application going down
- Denial of access
- Network issue
- Supply chain disruption
Structuring Response Documents
Typically, the IT DR Plan is designed to link in with existing response and incident escalation procedures whilst sitting above technical recovery procedures, response playbooks and other relevant technical documentation.
There are occasions when it is more appropriate to produce a single Major Incident Plan that combines all elements of the response, escalation and recovery for cybersecurity, physical, or other events that disrupt IT services.
Teed’s consultant will help determine the appropriate way to structure response plans and procedures to ensure that they work effectively when invoked and their maintenance does not create unnecessary work. Select technical recovery procedures and response playbooks can also be produced by Teed consultants to help guide ICT representatives and enable them to take responsibility for producing and maintaining these detailed documents.
Incident Escalation & Communication
Views will be sought from representatives on the likely triggers and/or situations that would signal a DR level incident to enable initial declaration and subsequent escalation at appropriate points. Response team roles and responsibilities will be clarified and documented to provide a clear indication of team participants and activities.
Communication channels and protocols will be defined, with a useful approach being to map out all the key internal and external stakeholders who would be communicating with each other, stating the type of information that would be shared between these parties. This helps ensure incident communication is effectively managed and controlled.
Consideration will be given to existing incident management procedures and escalation tiers across the organisation to ensure technology response structures link in accordingly.
Solution Implementation
Alongside the DR Plan, a DR Actions List is produced that prioritises all activities to be taken pre-incident to ensure technology risks are effectively managed and the DR Plan and resilience, response, and recovery capabilities will work in practice.
When writing the DR Plan checklists, Teed will be questioning at every stage whether there is any further preparation required. For example:
- Would response documents and associated information be readily available in the event of all foreseeable circumstances? It can be embarrassing at best, and business continuity threatening at worst, to find that the IT service or data centre impacted by the incident holds all the necessary instructions and passwords to facilitate recovery
- Is there sufficient guidance included in the response documents, and a good cross transfer of knowledge, to allow an effective recovery to be achieved should key individuals be unavailable on the day of the incident? Sometimes it is necessary to simply state the obvious, just in case
- Are there any further actions required to ensure workarounds, contingencies, solutions will work in practice? For example, could key data exports into a separate environment be useful
It is essential that the DR Plan, associated response documents and capabilities are validated and built upon as part of a structured test and exercise programme.
A DR Plan cannot just sit on a, physical or virtual, shelf gathering dust, it needs to be a dynamic document to ensure a controlled and effective response when faced with a major disruption to information, communications, technology.