To have or not have a Disaster Recovery Plan
Assign topic to the user
ISO 27001/ISO 22301 INCIDENT RESPONSE PLAN
Steps on how to respond to major incidents that can disrupt a business.
Get it now 
ISO 27001/ISO 22301 INCIDENT RESPONSE PLAN
Steps on how to respond to major incidents that can disrupt a business.
Get it now
ISO 27001/ISO 22301 INCIDENT RESPONSE PLAN
Steps on how to respond to major incidents that can disrupt a business.
Get it now
The example in the question is a result of a recovery strategy for IT. In this case the option was using a mirror site due to the critical business that infrastructure is supporting. So you already implemented an IT Disaster Recovery approach. But you should have a documented Disaster Recovery Plan, because:
1) Others persons can be aware of the specific subject.
2) It is part of the Business Continui ty Plan increasing the resilience of the Business Continuity Management System,
3) IT Disaster Recovery Plan activation may not be just related with IT malfunction that should be covered in the incident response plan
4) You still need to implement the return to normal operation and this should be planned and documented.
5) You need to implement a regular test approach in order to evaluate the effectiveness of the solution.
6) Disaster Recovery Plan would help in case of failure of HA technology.
You can find a more detailed information on: https://advisera.com/27001academy/blog/2010/11/04/disaster-recovery-vs-business-continuity/
Hope this helps
Comment as guest or Sign in
Jan 12, 2016