Expert Advice Community

Guest

Rationalizing RPO

  Quote
Guest
Guest user Created:   Apr 12, 2018 Last commented:   Apr 12, 2018

Rationalizing RPO

If I have an RTO for a system of 1 hr and the RPO as per backup data by IT is 4 hrs how would I rationalise the RPO? I know the business would have to suggest a suitable RPO..but how can it be rationalized? Is there a particular formula to use or ?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 12, 2018

Answer: Basically the RPO means a volume of data stored/processed in a time frame before the occurrence of a disruption that the organization accepts to lose. For example, if you have a RPO of 4 hours, it means the organization accepts to lose stored/processed data in the last 4 hours before the disruptive incident.

Since the variables to evaluate such loss will depend of the business process evaluated, there is no general formula to apply (e.g., for a sales website the number of transactions lost can be a parameter, and for a cloud storage service the volume of data lost can be the parameter). The way to rationalize RPO is by assessing the damage for different amount of data loss - then they will be able to recognize what is acceptable and what is not. 

This article will provide you further exp lanation about RTO and RPO:
- What is the difference between Recovery Time Objective (RTO) and Recovery Point Objective (RPO)? https://advisera.com/27001academy/knowledgebase/what-is-the-difference-between-recovery-time-objective-rto-and-recovery-point-objective-rpo/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 12, 2018

Apr 12, 2018

Suggested Topics

Guest user Created:   Aug 03, 2022 ISO 27001 & 22301
Replies: 1
0 0

Incidents

Guest user Created:   Aug 03, 2022 ISO 27001 & 22301
Replies: 1
0 0

Policies details

Guest user Created:   Aug 03, 2022 ISO 27001 & 22301
Replies: 1
0 0

Audit point