Relevant Contents
Need Tailored Business Continuity Insights?
Contact Us Now for Personalized Guidance!
A seemingly small distinction that can have a large impact on a company’s future is the difference between a) having an IT disaster recovery plan and b) having an IT disaster recovery plan that has actually been proven to work.
This article explains the necessity of validating your IT/DR strategy and plans and sets out ways of going about this critical but frequently neglected task.
Related: The Rise of “Quick and Dirty” DR Testing
Summary
- Having an IT/DR strategy and plans is not the same as knowing they will work during an outage.
- Organizations should regularly review recovery strategies, validate third-party capabilities, and test recovery processes under realistic conditions.
- IT/DR testing turns recovery assumptions into evidence and helps teams identify gaps before they become failures.
The Difference Between Planning and Preparedness
Organizations that have gone to the trouble of developing an IT/DR strategy and plans are to be commended for their foresight and the responsible attitude these actions demonstrate toward the company’s future and stakeholders.
However, simply having a strategy and plans is not enough if these have not been proven to actually work.
Merely being in possession of a strategy and plans might make people feel good before an outage. But if there is a disruption, and the strategy and plans turn out not to perform as expected, those warm feelings from the past will be cold comfort.
Unfortunately, many organizations stop short of the critical step of actually validating their recovery plans.
Very few company managers, business continuity team members, or IT staff would leave home without making sure their phone was charged or set off on a car trip without checking the gas gauge. But many people in these roles routinely entrust their organization’s ability to recover from a technology outage to plans which have rarely if ever been put to the test.
To express this in a form that would fit on a fortune-cookie slip: Hope is not a strategy.
Every organization should make an ongoing habit of testing its IT/DR recovery plans and strategies and identifying and closing any gaps revealed. This is the only way of making sure your plans will work when you need them. To do anything else amounts to running 90 percent of a race and then sitting down, or trusting the organization’s future to a roll of the dice.
Below are some tips and considerations to help organizations interested in crossing the critical gulf that divides merely having IT/DR recovery plans from having plans that have actually been proven to work.
Review Your Recovery Strategies Regularly
The first step in reviewing an IT disaster recovery program is ensuring that the recovery strategy remains valid. Recovery environments, business requirements, technologies, applications, and dependencies all change over time. A recovery approach that was appropriate two years ago may no longer support the organization's current operational needs.
Organizations should review their resiliency position and recovery strategies at least once a year. This review should include confirming that application recovery time objectives (RTOs) and recovery point objectives (RPOs) remain aligned with business requirements and that the recovery technologies and procedures supporting them are still appropriate.
Any known gaps, changes in architecture, or new dependencies should be identified and addressed before they become problems during an actual outage.
Verify Third-Party Recovery Capabilities
Many organizations increasingly rely on SaaS applications and hosted environments, assuming that disaster recovery concerns are largely the vendor’s responsibility. This assumption can create significant risk.
Service-level agreements and vendor reports often focus on availability rather than recoverability. A provider may guarantee high uptime while still requiring recovery timeframes that exceed your organization’s business requirements during a major outage.
For example, a SaaS provider might advertise 99.99 percent availability while maintaining recovery procedures that could require several hours to restore service following a significant failure. If your business requires recovery within four hours but the vendor's recovery capability is eight hours, a gap exists regardless of what the SLA says.
Organizations should therefore verify, not simply assume, that third-party recovery capabilities align with their own recovery objectives. Understand how the provider's environment is architected, what recovery commitments actually exist, how recovery is tested, and whether the results satisfy your operational requirements.
Exercise and Validate Continuously
There is no substitute for exercising recovery plans. Documentation reviews and strategy discussions are important, but testing is what transforms assumptions into evidence. Environments can be complex with multiple dependencies and integration points. Individual resiliency and recovery solutions must be integrated and testing is the best way to ensure there are no gaps.
Organizations should employ multiple types of exercises, each serving a different purpose.
Tabletop Exercises
Tabletops provide an opportunity to walk through a recovery scenario step by step, including decision-making, communications, dependencies, and sequencing. Because tabletop exercises are discussion-based, they allow teams to explore large-scale scenarios, such as the loss of an entire data center, that would be difficult or risky to simulate in a live environment. They are particularly valuable for identifying overlooked dependencies and exposing gaps in recovery assumptions.
Technology-Specific Tests
These exercises validate individual recovery technologies. Examples include backup restoration, storage replication, virtual machine failover, database recovery, or cloud recovery capabilities. These tests do not necessarily need to involve complete environments. A single server, database, file set, or application component can often provide meaningful validation. Performed regularly throughout the year, these tests help confirm that recovery technologies function as expected and that personnel know how to use them during an actual disaster.
Application and Service Recovery Exercises
Exercises of this type move closer to real-world conditions by simulating the recovery of complete applications or business services. Unlike narrowly focused technology tests, these exercises validate the interaction of multiple recovery components and help determine whether the overall recovery strategy can deliver a functional recovery. Whenever possible, these exercises should simulate realistic outage conditions rather than highly controlled scenarios designed to guarantee success. Increasing the number of applications recovered and verifying integration between applications can be important to ensure the human resources can perform the recovery in the timeframe needed and the entire environment will be functional.
Collectively, these exercises help organizations validate their ability to achieve a functional recovery when it matters most.
Make Your Testing More Meaningful
Conducting exercises is essential, but organizations can gain even greater value by expanding the scope of their testing and challenging their recovery assumptions from multiple perspectives.
Involve Business Users in Recovery Testing
IT teams often make assumptions about how systems will be used following recovery. Business personnel bring a different perspective. By interacting with recovered applications as they would during normal operations, they frequently identify issues, missing functionality, or workflow problems that technical teams overlook.
Consider Performance Validation for Critical Services
Tests should be run at scale and volume. A recovered environment may technically function while operating at significantly reduced capacity. Understanding these limitations before an outage occurs allows the organization to develop realistic business continuity procedures and communicate expected impacts in advance. It is far better to know that critical processing will require twice as long in a recovery environment than to discover that fact during a crisis.
Validate SaaS and Hosted Environments
Recovery testing should include validating any integrations between vendor-hosted systems (such as Salesforce and Workday) and internal applications. Data exchanges, interfaces, authentication mechanisms, licensing requirements, encryption configurations, and failover processes should all be reviewed. Assumptions that no action will be required during a vendor recovery event should be tested rather than accepted on faith.
The closer testing comes to reflecting real-world operating conditions, the more confidence organizations can have that their recovery capabilities will perform as expected during an actual disruption.
When a Real Disaster Happens
No amount of testing completely eliminates uncertainty. Actual events introduce stress, time pressure, and unexpected complications. However, disciplined execution can significantly improve recovery outcomes.
Coordinate Among People and Teams
The beginning of the recovery can be chaotic. One of the most common problems during major outages is that individuals begin performing recovery activities without fully understanding dependencies, priorities, or the overall state of the environment. Effective command, control, and communication are essential.
Maintain Strong Operational Discipline
Monitor the people performing recovery tasks. Ensure they are using the documentation and communicating any issues encountered before making significant changes. It is essential to practice careful change management during an event. If problems emerge later, the ability to understand what actions were taken can dramatically reduce troubleshooting time.
Watch the Clock
When issues arise, it is easy to allow significant time to elapse during troubleshooting. Recovery teams frequently announce they will spend “five more minutes” investigating an issue and can still be found working on it 30 minutes later. Establishing escalation points and predefined decision thresholds helps ensure that additional resources, vendor support, or specialized expertise are brought in before significant delays accumulate.
Validate Before Turnover
Before handing recovered systems over to another team or returning them to production use, perform validation. Spending a few minutes confirming system status, functionality, and readiness can prevent hours of troubleshooting later.
Until a real disaster occurs, no organization can be absolutely certain its recovery strategy will succeed. However, through regular review, rigorous testing, and disciplined execution, organizations can dramatically increase the likelihood that their recovery plans will perform as expected when they are needed most.
From Optimistic Plans to Proven Recovery
Having an IT/DR strategy and recovery plans is an important first step, but it is only the beginning. Organizations must regularly review their recovery strategies, verify the capabilities of third-party providers, and continually exercise and validate their recovery processes to ensure they will perform as expected when needed.
Testing transforms assumptions into evidence. Through tabletop exercises, technology validations, application recovery tests, performance testing, and disciplined execution during actual events, organizations can identify and close gaps before they become costly failures during a real disruption.
Organizations looking to strengthen their IT disaster recovery capabilities do not have to tackle this challenge alone. MHA Consulting helps clients assess recovery strategies, validate recovery capabilities, design meaningful testing programs, and improve overall recoverability so they can recover from technology disruptions more quickly and effectively. Contact us to learn how we can help ensure your IT/DR plans work when it matters most.
Further Reading
- The Rise of “Quick and Dirty” DR Testing
- You Still Need to Drill: IT/DR Testing Is as Important as Ever
- Beyond Compliance: Going the Extra Mile to Prove Recoverability
- The Benefits of Stressing Out: Why You Should Stress Test Your Recovery Plans
- BCM Basics: Modern IT/DR Strategies
Frequently Asked Questions
Why is it important to validate your IT/DR plans?
Unless your IT disaster recovery strategy and plans have been tested and validated, there is no way to know whether they will perform as expected during an actual outage. Regular validation helps organizations identify gaps, incorrect assumptions, broken dependencies, and technology issues before they become costly failures during a real disruption.
How often should you review your IT disaster recovery strategy and plans?
Organizations should formally review their recovery strategies at least annually. Recovery environments, technologies, applications, business requirements, and dependencies change over time, and a recovery approach that worked in the past may no longer meet current needs. Annual reviews should confirm that recovery time objectives (RTOs), recovery point objectives (RPOs), and supporting recovery technologies remain aligned with business requirements and that any known gaps are addressed.
What types of exercises should organizations conduct to validate their IT/DR plans?
Organizations should use a combination of exercise types. Tabletop exercises help teams walk through recovery scenarios, communications, and dependencies. Technology-specific tests validate individual recovery capabilities such as backup restoration, replication, failover, and database recovery. Application and service recovery exercises simulate the recovery of complete business services and help determine whether the overall recovery strategy can deliver a functional recovery under realistic conditions. Together, these exercises provide a comprehensive view of recovery readiness.
What are some expert tips for improving IT disaster recovery outcomes during technology disruptions?
Organizations can improve recovery outcomes by maintaining strong command-and-control processes, ensuring teams understand roles and responsibilities, and requiring personnel to follow documented recovery procedures. It is also important to monitor recovery timelines closely, establish escalation points when problems occur, and carefully track changes made during the recovery effort. Finally, before returning systems to production use, teams should validate that recovered environments are functioning properly. These disciplined practices can significantly improve recovery speed, coordination, and overall effectiveness during an actual event.
Richard Long
Richard Long is one of MHA’s practice team leaders for Technology and Disaster Recovery related engagements. He has been responsible for the successful execution of MHA business continuity and disaster recovery engagements in industries such as Energy & Utilities, Government Services, Healthcare, Insurance, Risk Management, Travel & Entertainment, Consumer Products, and Education. Prior to joining MHA, Richard held Senior IT Director positions at PetSmart (NASDAQ: PETM) and Avnet, Inc. (NYSE: AVT) and has been a senior leader across all disciplines of IT. He has successfully led international and domestic disaster recovery, technology assessment, crisis management and risk mitigation engagements.