A disaster recovery (DR) plan is a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber-attacks and any other disruptive events. The plan contains strategies on minimizing the effects of a disaster, so an organization will continue to operate – or quickly resume key operations.
Disruptions can lead to lost revenue, brand damage and dissatisfied customers. And, the longer the recovery time, the greater the adverse business impact. Therefore, a good disaster recovery plan should enable rapid recovery from disruptions, regardless of the source of the disruption.
A DR plan is more focused than a business continuity plan and does not necessarily cover all contingencies for business processes, assets, human resources and business partners.
A successful DR solution typically addresses all types of operation disruption and not just the major natural or man-made disasters that make a location unavailable
Another current trend that emphasizes the importance of a detailed disaster recovery plan is the increasing sophistication of cyberattacks. Industry statistics show that many attacks stay undetected for well over 200 days. With so much time to hide in a network, attackers can plant malware that finds its way into the backup sets – infecting even recovery data.
The purpose of a disaster recovery plan is to comprehensively explain the consistent actions that must be taken before, during, and after a natural or man-made disaster so that the entire team can take those actions. A disaster recovery plan should address both man-made disasters that are intentional, such as fallout from terrorism or hacking, or accidental, such as an equipment failure.