Skip to content
Compliance

When A Good Recovery Strategy is Better than a Perfect Recovery Strategy

Written by: mavenmanaged

Be notified when we post.

Relevant Contents

Need Tailored Business Continuity Insights?

Contact Us Now for Personalized Guidance!

Your recovery strategy does not have to be perfect, but it does need to be good enough. Remember, perfect is the enemy of good.

When I worked in the IT department at a large retail company, we would strive to get the requirements exact and ensure our designs were perfect – no issues or gaps. This often caused some frustration with our business partners. They wanted it done faster, and we wanted it done right the first time to prevent rework. This is when I first heard two things that changed my perception:

  • Perfect is the enemy of good
  • 80% is good enough

When I asked, are you sure, the response was, “Yes – we are going to want it changed in 3 – 6 months anyway because we will learn something new or need to adjust based on the market.” This response can be especially true for our recovery strategies.

This does not imply that you can just throw together a solution or not perform due diligence. It does imply that you should work to get a strategy and implementation in place that allows for recovery, even if that strategy is not perfect or may not meet all your RTO/RPO requirements.

When we look at strategies for organizations, we look at the current state. If there is something in place that is functional, then we might take more time to craft a more perfect solution. But, as is most often the case, the recovery strategy is not functional and there are significant gaps to be addressed to ensure that, at a minimum, all the critical applications would be recovered.

What is better – an imperfect recovery of all necessary applications within a reasonable timeframe, followed by the remaining environments, or a “perfect” recovery that is within the RTO/RPO of only one or two critical apps, with no certainty that anything else can be recovered at all?

The “good enough” recovery strategy depends on your environment:

  • What is your virtualization position?
  • What are your data privacy requirements?
  • What is your legacy application position?

For example, we have clients with critical applications running on unsupported operating systems, with hardware for which it is almost impossible to get replacement parts. The recovery strategy for these environments might be to virtualize a recovery environment that “sort of” works. It may take manual effort; it might be slow and impact productivity. It is not a perfect solution, but it will work if necessary. What is better – having something that is painful to use, or just hoping an event will never occur? One of my favorite sayings is “Hope is not a strategy.”

If possible, your strategy should include those technologies that will provide your environment flexibility and growth. This allows for adjustment and modifications as environments and business requirements change. Also, along with the strategy, a roadmap to move from current state to good, from good to better, and from better to best will be helpful in communication and planning.

We want to develop the best strategy possible, but sometimes good enough is the best strategy.

by Richard Long, Senior Advisory Consultant, MHA Consulting


Start building a stronger future

Navigate uncertainty with an expert - schedule your free consultation with our CEO, Michael Herrera.

Other resources you might enjoy

The 7 Habits of Highly Effective Crisis Managers

The recent hurricanes in the southeastern U.S. provided a...

Exploring DORA: The EU’s Excellent New Digital Resilience Standard

The European Union’s tough new regulation covering the...

Ready to start focusing on higher-level challenges?