Not many companies are consistently planning for disaster recovery. And if we have learned anything from the past few years of high-profile outages, it is that the ability to recover information systems and data quickly and effectively after a disaster should be an organizational priority. Failure to consistently plan for disaster can cost organizations time and money during an outage.
A wide range of disasters, natural and otherwise, can weaken a company. At the extreme, ransomware attacks can cause companies to shut down operations for several days. For example, several airline companies in Britain experienced major IT failures in 2023, which resulted in thousands of canceled flights and an estimated $128 million in lost revenue. At the other end of the spectrum, a brief power outage can also disrupt IT operations and impact revenue.
As shown in Figure 3 from our full report, Disaster Recovery Planning Best Practices, only 21% of organizations that enact such plans do so formally and consistently. Having formal disaster recovery plans means that the plan is documented and sufficient to ensure the restoration of services.
Even if the disaster recovery plan is formally documented, its effectiveness diminishes the moment changes are introduced into IT systems. Practicing it consistently means that the plan is reviewed and revised on a regular basis as infrastructure or systems change. As the incident mentioned above and many recent others highlight, formal disaster recovery plans are more important than ever.
“All of our respondents are either implementing or already have some sort of plan in place,” said Waynelle John, research analyst for Avasant Research, based in Los Angeles. “The problem is that most only remember the plan when disaster strikes.”
Disaster preparedness starts with having a plan for restoring data, networks, and systems in the event of natural or anthropogenic disasters. Disaster recovery planning involves creating and maintaining plans and processes to ensure the recovery of systems and data in case of disruptions. The plan should be consistently updated and integrated into everyday IT operations. Even if the organization survives a disaster, it may face significant disruption and financial losses.
As more organizations realize the importance of disaster recovery, they should take advantage of tools, software, and technologies to support their recovery plans. By embracing these tools, organizations can streamline and automate their disaster recovery processes, mitigate costs and complexities, and perhaps alleviate the consistency challenges.
However, there is a caveat. Having a disaster recovery plan is not enough—it must be tested periodically to ensure every aspect of it works. We cover that topic in a separate IT management best practice report, Disaster Recovery Plan Best Practices.
In the full disaster recovery planning study, we first look at adoption trends for disaster recovery planning by organization size and sector. We also discuss the elements that every disaster recovery plan should contain, key considerations, and steps IT organizations should take in establishing such plans.
This Research Byte is a brief overview of our report, Disaster Recovery Planning Best Practices. The full report is available at no charge for subscribers, or it may be purchased by non-clients directly from our website (click for pricing).