Best practices for planning and managing disaster recovery testing

There are a number of best practices which are aimed at helping organizations  to significantly reduce the cost and complexity of their disaster recovery as well as testing their procedures out. 

First of all, you and your business must always be prepared for any type of disruption. You never know what might hit you, so conducting an extensive risk analysis and getting input from key stakeholders, such as operations people, department managers and application development managers is the only way to go. 


Be in the know

Ensure that you, your staff and most importantly, your backup provider, understand the key systems that will keep your business running and what will make a huge difference in your business operations. 

You and your backup provider should also have a thorough understanding and intimate knowledge of your systems’ interdependencies and which systems need to be brought up first.


Make sure the plan can stand alone 

When a disaster strikes, the staff who wrote the recovery plan may not be available to execute it, so you have to make sure your disaster recovery plan will work with or without the people who developed it. Do not hesitate to ask someone other than whomever wrote your plan to take care of disaster recovery when you’re testing it out.


Challenge the business 

Business unit managers will exaggerate and say they need an application recovered right now, but that application might not be as mission critical as they believe. Challenge those individuals to think hard about how long they can really make do without that application or module.


Test and test

A review of your plan on paper is important, but it is not enough. In addition to tabletop tests, you might need to surprise your staff with mock disasters during which your staff must handle themselves well and execute the disaster recovery plan down to the details.



So you’ve shocked everyone and ran a mock disaster for your staff. What do you do with the results of the test? This is a critical part of disaster recovery planning. First, create an action-item checklist out of your review of what worked well and what didn't, then speak to the concerned staff members. If you are working with an outside provider, you should document what went wrong and use that report to outline your expectations for the next test, as well as, of course, any disaster that might just happen.

Next - Read our article about the cost of data disasters and how to avoid having a data disaster yourself

read next

Is your data safe enough?

Dale Schembri - April 11, 2019

In Verizon’s 2018 breach investigation report, over 65% of network intrusions were a result of hacking or social engineering attacks. So what can businesses do to protect against hackers’ attempts at accessing their data? When it comes to best-practices for online security, two-factor authentication (2FA) and multi-factor authentication (MFA) are always brought to the fold. […]

Read More

Cybersecurity risks within the financial sector

Dale Schembri - March 15, 2019

The financial services industry is undoubtedly going through a major shift, driven by the fintech wave of new products, operators and ways of doing business.  Accounting for shifts in technology, laws & regulations and global realities can be quite a daunting and time-intensive task. Taking a step back and reflecting on your long-term challenges and […]

Read More

Watch: Christian Sammut's interview at ICE 2019

Dale Schembri - March 6, 2019

Christian Sammut, BMIT's CEO discusses BMIT's recent announcements related to the €10m investment in a Tier 3 data centre, the strategic partnership with Microsoft and the recently-launched Backup-as-a-Service Solution. Watch the full interview below:

Read More