Information Technology Reference
In-Depth Information
n
Default
Key functions, personnel, and infrastructure documentation
Hardware configurations
Software, including types and versions of OS, COTS, and custom
applications
Recovery time objective (RTO); time between declaration and a recovery-
active state (e.g., 24 to 72 hours)
An alternative expression of RTO is downtime tolerance (DTT).
Recovery scope objective
Comprehensive enumeration of:
Key business functions
Key people
Supporting key infrastructure
Recovery process exercises
DRP and DR process documentation
Plan
Procedures
n
−
−
n
−
n
−
n
n
n
n
n
n
n
8.15.4
IA
2
Perspective
One point of view is to approach disaster recovery tactics by considering individual
threats and defining specific steps to deal with each one. Much time and effort is
put into devising comprehensive threat lists (e.g., fire, flood, earthquake, malware,
spyware, etc.). The endeavor to provide such an exhaustive list is exhausting and
not practical. A complementary approach to make DRM and DRP more manage-
able is to create asset-centric disaster classifications:
n
n
−
n
−
n
n
n
Loss of site
Loss of site access
Bio, chemical, weather, transportation
Loss of a data center
Fire, flood, or any number of causes
Loss of data center access
Loss of key server or equipment
Loss of key service, where service may be a business service or technical service
The categorizations above provide a shorter list of disaster contingency plans
and are threat agnostic. The focus remains on the disaster, not the threat. When
enumerating specific threats and planning for specific responses to those threats,
focus the top most probable threats (see threat probability assessment [TPA] in
chapter 5). Use the combination of disaster classifications and highest probable
threats as guidance for devising recovery procedures.
