Professional Documents
Culture Documents
2
3
4
SNo
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Description
Disaster Recovery - DR Plan
Verify the DR Plan was approved by all appropriate parties.
Verify the DR Plan lists the resources and infrastructure needed to restore the business process and its supporting assets.
Verify the DR Plan lists the steps which must be executed in order to implement the business process' recovery.
Verify the DR Plan includes the business process recovery activities and service commitment requirements from third party
Suppliers of Service (includes both vendors and divisions providing support)
Description
Disaster Recovery - DR Test
Verify the DR Test objectives were approved by all appropriate parties and prior to the test.
Verify the most recent DR Test was executed on time according to the required test interval.
Verify the most recent DR Test results included documented test requirements and criteria for a successful test.
Verify the most recent DR Test results included user acceptance requirements, including the person(s) responsible for
declaring a successful test and that any deficiencies were documented.
Verify the most recent DR Test results included user sign-off acceptance of a successful execution of the DR Plan
Disaster Recovery - Can you demonstrate delivery against DR Contractuals and risk management of any delays /scope
changes etc
Disatster Recovery vs Contract
DR Test Objectives
DR Test assumptions
DR Test Results
DR Test issues tracking
DR Test solution
rto rpo
#1: Analysis of potential threats
#2: Areas of responsibility
#3: Emergency contact information
#4: Recovery teams
#5: Off-site backup of important data
#6: Backup power arrangements
#7: Alternative communications strategy If your company's phon
#8: Alternative site of operations
#9: Essential equipment/services backup
#10: Recovery phase The BCP should addre
If your company's phones and/or Internet connection are down, how will you keep in touch with customers, employees who ar
The BCP should address the step-by-step process of recovering and reinstating the business operations to a pre-disaster stat
customers, employees who are off-site, contact emergency services, etc.? Your BCP should note which employees have cell ph
erations to a pre-disaster state, including assessing the damage, estimating recovery costs, working with insurance companies
which employees have cell phones and their numbers, as well as whether and where you have other methods of communicatin
ing with insurance companies, monitoring the progress of the recovery process, and transitioning the management of the busin
her methods of communicating during a widespread disaster, such as ham radios. If you run your own e-mail servers, do key e
the management of the business operations from the recovery team back to the regular managers.
own e-mail servers, do key employees have alternative e-mail addresses that they check regularly (home accounts or account
y (home accounts or accounts with Web-based e-mail services, etc.) and are these addresses known to other key personnel in
own to other key personnel in case they're needed for emergency contact?