The 9-Point Checklist for Disaster Recovery Plans

November 10, 2016

4 min read

Tracy Rock

Director of Marketing @ Invenio IT
Checklist for Disaster Recovery Plans

The 9-Point Checklist for Disaster Recovery Plans

by | Nov 10, 2016

Here’s a Checklist for Disaster Recovery Plans

A tornado will strike your office at 8:37 tonight. Will your business be up and running again tomorrow? If you haven’t planned for a worst-case scenario, the answer is no: not tomorrow and possibly not ever. We’ve created this simple checklist for disaster recovery plans to help you plan for how you’ll restore your operations after a disaster.

Most disasters don’t come with warnings

Even tornados are generally predictable with today’s weather-forecasting technology. You usually know when certain natural disasters are coming, like hurricanes, heavy rains and blizzards. But most of the time, disaster strikes when you least expect it—and for unpredictable reasons: fires, cyberattacks, terrorist attacks, malware and even simple human error.

Each type of disaster has unique consequences on the people, systems and processes that make your business run. Use this checklist for a disaster recovery plan to make sure you’re prepared for virtually any major event.

Checklist for Disaster Recovery Plans

1. Identify who does what in a disaster.
  • In most disaster recovery plan examples, this is often called a “mission-critical hierarchy of personnel functions.” But in a nutshell, it’s a list of key stakeholders, executives and managers, along with their disaster-response responsibilities.
  • Who will monitor the impact on sales and cash flow?
  • Who will make decisions on business relocation?
  • Who has access to secure systems or the ability to grant authorization to others?
  • What tasks need to be completed in each department to restore operations ASAP?
  • Decisions like these will need to be made immediately, so your recovery plan should spell out exactly who will make them and how.
2. Put people first.
  • When you Google “checklist for disaster recovery plan,” it’s shocking how many lists neglect to mention the risk of actual human harm in a disaster. You must have a plan for how you’ll take care of your employees.
  • What if there are widespread injuries at the office?
  • How will you obtain urgent medical care or emergency supplies?
  • You need to think beyond a simple first-aid kit if you want to make your people a priority.
3. Have a backup office.
  • Nope, for most businesses, that doesn’t mean paying rent on an additional space that you’d only use in an emergency. But you do need to evaluate what your options are.
  • Consider where your staff will work if the office cannot be opened.
  • Is technology in place to allow people to work remotely?
  • Consider creating a separate, evolving checklist that identifies potential available real estate that would allow your business to relocate immediately, if necessary. That means making phone calls and remaining in close contact with real estate professionals who could get you into a new space right away.
4. Determine equipment needs.
  • You’re operating on a limited, mission-critical staff. How many computers will you need? How many mobile phones? Who gets them, and where do they get them from?
  • Every business should already have up-to-date inventories of all office equipment, including computers, IT infrastructure, furniture and other assets. Your disaster recovery plan should identify how you’ll reproduce that entire inventory after a major disaster, as well as a smaller inventory of absolute mission-critical equipment.
5. Recover data.
  • This includes all files, emails and digital assets. If it’s saved anywhere on your network, it needs to be backed up constantly and easily restored after a disaster.
  • Chances are this data is your business’s most valuable asset and the most important component affecting your business’s downtime. Having a solid backup solution must be a critical part of your IT disaster recovery plan.
  • Consider how and where you are backing up your data. Is it on-site? In the cloud? Is the data encrypted? How quickly can it be restored? What is the risk of data being compromised or corrupted during recovery?
6. Make communication easy.
  • Recovering after a disaster is impossible if your people can’t communicate with each other or don’t know how. Consider not only how people will communicate but also with whom.
  • What devices will mission-critical teams use?
  • How will you communicate with your workforce if email and phones are offline?
  • Who should employees contact to confirm the status of the business or find out what’s happening?
  • Who will stakeholders need to contact to actually execute the disaster recovery plan?
7. Protect hard-copy documents.
  • Even in today’s digital-centric world, most businesses still have mountains of important paper documents stored in boxes and file cabinets.
  • You need to plan ahead for how you’ll protect, copy, recover and/or reproduce these documents should you suddenly lose access to them.
8. Know what you’ll say to the outside world.
  • In addition to communicating internally, you may need to reach out to the media, clients, customers and vendors. How? Which ones? What core messages will you need to get across after a crisis has disrupted your business?
  • Many disaster recovery audit checklists include the need for a “crisis media kit.” This is a good idea if you believe you’ll need to send out a press release or other urgent communications.
  • Don’t put this off. Nobody wants to be writing a press release after a disaster has just devastated the business. Have one pre-written, templated and ready to blast when needed. (If you’ve done your job creating a disaster recovery plan, then you already know what this release will need to say – almost regardless of what kind of disaster you’re facing.)
9. Constantly reevaluate.
  • Disaster preparedness is a work in progress. You need to constantly reevaluate your plan to ensure that you’re planning for all possible scenarios.
  • When creating a checklist for a disaster recovery plan, keep in mind that the information you include is likely to become outdated in just a few months. Your plan should outline a timeline for how often it’s updated and by whom.

Final thoughts

Most disaster recovery plans are far from perfect, and the list above is intended only as a rough guide. Consider consulting with a disaster planning professional, who can help you create a comprehensive, individualized plan for your business.

New call-to-action

Director of Marketing @ Invenio IT