Reconciling Incident SLA vs RTO
First, it is important to note that higher disruption levels do not necessarily lead to higher Recovery Time Objectives (RTOs), or to lower incident response times/SLAs. These times are mostly defined by business continuity strategies, process interdependencies, and available resources. For example, an organization may decide:
- to have the same RTO and incident response time/SLA, regardless of the disruption level (this basically means having an alternative site mirroring the main site in real time at a distance that cannot be affected by the same disruption).
- to increase the RTO to keep the incident response time/SLA, provided the RTO does not become greater than the Maximum Acceptable Outage (MAO). The difference between RTO and MAO is that, once the MAO is defined, when the MAO threshold is breached, recovering the business is no longer worthwhile, while the RTO can be changed to any value from 0 to any value smaller than the MAO.
- to decrease the incident response time/SLA to keep the RTO, but you need to note that how much you can decrease the incident response time/SLA will depend on the complexity of process interdependencies (i.e., some recovery activities can only be performed in sequence, not in parallel, so the sequence with the shortest time will define the minimum incident response time/SLA).
Considering that, you need to find a balance between needed activities, available resources, and business objectives and strategies to define proper values for RTO and incident response time/SLA.
These articles will provide you with further explanation of business continuity concepts:
- What is the difference between Recovery Time Objective (RTO) and Recovery Point Objective (RPO)? https://advisera.com/27001academy/knowledgebase/what-is-the-difference-between-recovery-time-objective-rto-and-recovery-point-objective-rpo/
- Explanation of the most common business continuity terms https://advisera.com/27001academy/blog/21/01/18/explanation-of-most-common-business-continuity-terms/
This material will also help you regarding business continuity concepts:
- Book: Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
Feb 04, 2021