Guest post Created: Jan 13, 2016 Last commented: Jan 13, 2016

Declaring a Disaster

Currently we have a stated time to: a) assess an incident and declare a disaster (12 hours) b) activate Recovery Plans to re-instate customer systems (8 hours) However, looking at this from a customer perspective, they could argue that this adds up to an RTO of 12+8 = 20 hours. Can anyone offer advice on how to document (contractually) and manage customer expectations? Of course, we are putting the microscope on how we can improve the time for a)

0 0

Assign topic to the user

Select user

Guest

AntonioS Jan 13, 2016

From my point of view, the best place to establish these clauses is the Service Level Agreement, and I would specify clearly that the RTO is 20 hours (and I would also include the RPO).

You can also include in the Service Level Agreement the "Response Time", which is the time from you receive an incident until you reply it (it is related only with the response, not with the resolution of the incident).

And to set the customers expectations, you have to perform the Business impact analysis to calculate the RTO - based on that RTO all the other response times need to be calculated.
Finally, this article about the Business impact analysis can be interesting for you "How to implement business impact analysis (BIA) according to ISO 22301" : https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community