Disaster Recovery Planning: untapped Success Factor in an Organization

Vishal Dineshkumar Soni*

Department of Information Technology
Campbellsville University

Corresponding author:
Vishal Dineshkumar Soni*
Department of Information Technology
Campbellsville University
Email: vishaldksoni@gmail.com

Electronic copy available at: https://ssrn.com/abstract=3628630

ABSTRACT:
The disaster recovery planning forms to be an important component of any organization
to overcome unplanned adversity. To function the successful organization or business model, the
structuring of different sectors plays an important role and disaster planning becomes one such
core element. Well before the catastrophic event occurs, an organized planned disaster
management strategy can overcome the unexpected event and help to recover. In most
organization, are equipped with the latest technological fronts but lacks disaster recovery plan
management which may often lead to crisis. Even in the current scenario, where a large number
of unexpected events are encountered, scanty measures are being implemented to equipped with
disaster recovery plan management. Hence, based on these facts, the present study emphasis, the
importance, components, and planning strategies of disaster recovery. Though a large number of
reports highlight the structuring and functioning of an organization, only small studies have shed
light on the presented topic which became the subject of investigation and study in this mini-
review.
.
KEYWORDS: Disaster, Recovery, Planning, Information science, Management, Business,
Organization

INTRODUCTION:
A Disaster Recovery Plan (DRP) is an important component of any organization that
cannot be ruled out from the management plan. It is considered to be one of a pivotal protocols
to be executed in the company’s recovery plan to avoid or prevent disaster strikes. It’s no longer
just catastrophic events consisting of hurricanes, earthquakes, and tornadoes, but additionally
incidents along with cyber-attacks, gadget failures, or even terrorism that can be categorized as
disasters. some organizations are very much dependent on that of IT or information technologies
which form the main pillars, structuring or functioning of the company (Horney et al., 2016;
Nadikattu, 2020). The concept of disaster recovery is focused on the information of a science
department that plans and forecasts the recovery strategies well ahead of the disaster strikes

Electronic copy available at: https://ssrn.com/abstract=3628630

(Hannan et al., 2006). This is executed with protocols designed by an IT sector that needs to be
coordinated within the company with different sectors working together as shown in the figure 1
below.

Figure 1: Functioning of organization

In the current scenario, there are myriad components associated to manage DRP, for
instance, use of software's, license keys, used in the restoration effort, maintaining the restore,
back up, plans for technical documentation using recovery software programs, a summary of
insurance coverage plans, watch on economic and legal issues as well as media outreach. These
components become essential parts of DRP's in any organization (Kahan, 2014). The disaster
recovery team is said considered to be one of the important members in an organization as like
others who are accountable for essential IT infrastructure within the company (Krell, 2006).
Based on these facts , The present manuscript is based on the planning of disaster following the
important role played by the information science techniques to manage disaster strikes and

Electronic copy available at: https://ssrn.com/abstract=3628630

execute planning. There are many goals of that of Disaster Recovery Planning that helps in the
resuming of computer capabilities that is based on the disaster strikes. There are many stages of
the DRP and some of them include the understanding of the company’s activities and how its
resources are intertwined, the plan will also have to assess the company’s vulnerability in many
areas such as operating procedures, data integrity, physical equipment and space along with that
of contingency planning (Rivera, 2010).

LONG AND SHORT TERM RECOVERY PLANS

The understanding of in which way any levels of a company can be affected in case
disaster strikes. The development of a recovery plan should be of both long and short-term
strategies. The long-term recovery plans include the ways in which the organization is returning
to normal operational schedule. This will aid in flow of economy and create good space for
running smooth business in any organization. Also the prioritisation of the order in which
functions are performed is important factor in the long term planner. The short term recovery
plans are usually the ones which are accidently happening due to human errors causing not much
impact on the organization. This can be carried out by monitoring the consistent maintenance
and testing along with the updating of the plans as per changes made in the business (Triyanti et
al., 2017).

IMPORTANCE OF DRP
In order to have good and successful DRP strategies, there should be necessary steps
being planned accordingly with the type of organization which can make sure that steps are taken
towards the prevention of the likelihood of a disaster (Xiao et al., 2018). According to DRP
specialist Vinny Troia, there has to be DRP guidelines in every organization irrespective of their
business performance and degree of their earnings. As there are many business owners who still
believes, there won't be any disaster strikes especially the small entrepreneurs. But according to
various studies, It has been found that as many as 25% of small entrepreneurs gets disaster
strikes which can temper their market and are get forced to shut their business (Williams, 2018).
If there are guidelines of DRP in any company or organization, there will be lesser
chances of accidental strikes as these guidelines are updated and improved based on the business
patterns of a company. A well thought out DRP will make sure that businesses do not face a

Electronic copy available at: https://ssrn.com/abstract=3628630

problem in case events turn negative and there are problems like that of a server crash and power
outage (Snedaker and Rima, 2014). A good DRP starts with the use of simple checklists and
planning tools of disaster preparedness that are curated for specific business needs. Something as
simple as keeping the lists of contacts handy can also save the situation if need so arises. It has
been recommended that the owner of the business will have to be listing their contact
information for all of their partners, staffing, and insurance agents along with that of vendors
(Xiao et al., 2018).
It has been noted that keeping the contact information of the staff and their next of kin is
of prime importance. The DRP guidelines should also needs to have the backup planning to
bounce by the accidental disaster strikes The communication is not allowed to be cut-off in case
of a tornado situation if a good DRP is in place. One can send an email that will prompt everyone
to send a text which will inform them that there had been a tornado and staff members needed to
be checking in. Even if the towers of the cells had to be destroyed and messaging or texting
would be spotty there can be many ways in which the situation can be salvaged by that of DRP.
DRP is also something that can include the data backups which are regular however a lot
more than a single backup is needed. Troia has to say that there are onsite backups that can help
the business when there are hard drives that have failed however it may not work in the case of
employee theft or in the event of a fire. There can also be data that is backed up off-site that can
salvage the situation for a company that faces a tornado. A company will have to be making sure
that software that automates the process is invested in (Alawanthan et al., 2017).
In case the program is good it will automatically be creating a backup at a particular time
of the day. There can be set a lot of programs so as to be verifying the datum and to be able to
send a message or text alert in case the system has detected a problem (Bates et al., 2019). After
the process of backup has been in place, Troia has said that a business should create another
backup of the same datum and then store it somewhere off-site. There are many ways in which it
can be done so (Zamanifar and Hartmann, 2020). It is, however, cloud storage that is the most
The owner of the business will have to understand the spots of weakness so that they are
able to create a plan that can help them in the situation. It has been seen to be a wise plan to be
planning ahead in case there are any potential recovery failures for disaster (Johnson and
Olshansky, 2017). A man must be able to see all the scenarios where their plan will be failing. If
in case the threat has been understood along with that of the risks it will propel someone to be

Electronic copy available at: https://ssrn.com/abstract=3628630

making a plan that will help the business recover very soon. The DRP can be having to become
futile if in case the documents of the same are not updated and the plans are not tested on the
regular (Soleh et al., 2018). Testing can vary from that of making sure of the fact than an
employee knows where fire extinguishers are placed to that of the shutting down of servers so
that recovery plans are validated.
One should not wait for the disaster to be striking, they should be considering working
with that of vendors or partners so as to be able to discuss what are the expectations and to be
knowing if the vendors will be providing any emergency equipment such as that of servers and
workstations or that if the company can have access that is immediate to that of a line of credit.
The company can make sure to be working out a contract with its partners along with that of the
clients saying that each of the companies can be working from that of the offices of the other in
lieu of a small fee daily in case something happens. It is possible that an entrepreneur who is
home-based may also be scoping out the town so as to be determining what is available for that
of the emergency space in the office and also know well ahead of time someone to be contacting
and where to be going in case a disaster strikes (Andrews and Caron, 2016).
There are often very simple things that will force an office to be closing down and laying
off their employees. The organisation has to make sure that its plans are audited and they are
covering the BCP or Business Continuity Plan. DRPs provide validation that is by that of a third-
party to that of the stakeholders stating that documents are complete and do not have any sign of
misrepresentations which are material. There may be a lack of completeness which may be
resulting in that of secondary effects that will be overlooking (Ganji and Miles, 2018). There can
be many effects like that of a vast increase in that of work-at-home overloads and that of the
recovery site that is incoming for that of the telecommunications capacity along with that of the
payroll that is bi-weekly which is not critical within that of 48 hours at first and maybe causing
problems to be perceived in an ever-complicated and recovering by that of the Government and
its possible union reaction.
The minimisation of the data loss and downtime when there is a disaster recovery can be
measured in 2 ways:
The Recovery Time Objective (RTO) which is the time until when that of a system can
be absolutely functional. There is also Recovery Point Objective (RPO) which is a measure for
the ability to be recovering files by that of specification of a point when it can be restored as a

Electronic copy available at: https://ssrn.com/abstract=3628630

backup copy. Every company needs an auditor who will be able to assess and examine the
situation in the case of: The procedures that have been stated in that of the DRP and BCP are
consistent with that of practices in reality. They will also be liable to know or assess if officer of
disaster recovery, liaison of disaster recovery, DR coordinator etc have the kind of skills that are
technical, experience, training along with abilities so as to be analysing the capacities of that of
the members of the team who have been assigned for the completion of tasks (He and Cha,
2019). It can also be seen to it by the auditor if the individuals are capable and trained for the
performance of particular functions. The inquiries and the tests of personnel may help in the
achieving of the same objective. The documentation is also an extremely important part of the
process. In order for that of the effectiveness to be maximised the DRP will be seen to be as most
effective if they can be frequently updated and also they should be a core part of the process of
analysis of the business (Finucane et al., 2020). This can be depicted in the figure 2 below.

Figure 2: Structuring of disaster management in organization

They will have to be revisited at any and every important acquisition which is of
corporate nature, at the launches of products along with at new milestones of system
development. There needs to record that are adequate within that of the company (Zamanifar,
and Hartmann, 2020). The information auditor will be there so that they can examine the billings,
records along with that of contracts so as to verify that the records were kept. One of the main

Electronic copy available at: https://ssrn.com/abstract=3628630

records is a current listing of the company’s software and hardware vendors. These are the kinds
of lists which will have to be periodically updated and made so that changing practices of
businesses are updated. The copies of the same will have to be stored off and on the company
sites and have to be made accessible or available to the people who will be in requirement of the
same. The auditor will be there to be making tests of the procedures that will be used so as to be
meeting the objectives and to determine its effectiveness.

PLANNING FOR DISASTER RECOVERY CAN LEAD TO AVOIDING DISASTER

The companies and businesses put together by way of creating a catastrophe recovery
plan that element actions to take and methods to follow to renew mission-important features
quickly and without essential losses in sales or commercial enterprise. In the IT space,
catastrophe recovery specializes in the IT structures that help support essential enterprise
features. The term "business continuity" is often associated with catastrophe restoration,
however, the two phrases aren't interchangeable. Disaster recovery is part of commercial
enterprise continuity, which focuses greater on retaining all aspects of a commercial enterprise
going for walks notwithstanding the disaster (Horney et al., 2016). Because IT structures these
days are so essential to the achievement of the business, catastrophe recuperation is a first-rate
pillar within the commercial enterprise continuity process. Economic and operational losses can
weigh down unprepared businesses. One hour of downtime can cost small groups as a whole lot
as $8,000, midsize organizations up to $74,000, and large firms up to $700,000, in keeping with
a 2015 document from the IT Disaster Recovery Preparedness (DRP) Council. Hence Like many
other organization IT systems that have moved to the cloud, so has catastrophe recovery.
Benefits of the cloud encompass decrease cost, simpler deployment, and the ability to check
plans regularly. However, this can come with elevated bandwidth needs or degrade a company's
network overall performance with more complicated systems (Finucane et al., 2020).

BUILDING A CATASTROPHE RECOVERY GROUP

The plan needs to be coordinated through IT team members accountable for essential IT
infrastructure within the company. Others who want to be made aware of the plan encompass the

Electronic copy available at: https://ssrn.com/abstract=3628630

 CEO or a designated senior manager, directors, department leaders, human sources, and public
relations officials. Facility owners, asset managers, regulation enforcement contacts, and
emergency responders must additionally be recognized and listed in the plan (and updated
frequently as names or smart phone numbers change), use of artificial intelligence and sensing
tools (RR nadikattu). Once the plan is written and approved through management, test the plan,
and update it if necessary. Be certain to schedule the following review length and/or audit of the
catastrophe recuperation functions. Update, update, replace as occasions transpire (big or small).
Don't simply place the plan in a table drawer and desire that a disaster doesn't occur (He and
Cha, 2019).

CONCLUSIONS

In summary, an business enterprise ought to develop a recovery crew to create a

catastrophe recuperation plan that includes figuring out and assessing catastrophe dangers,
determining vital applications, and specifying backup methods. Other techniques may be
included inside the plan based totally on the organization. The recovery group and business
enterprise have to then put into effect the DRP and observe via the plan strategies. The DRP
ought to be always tested and maintained to consistently put together the organization for
evolving failures and emergencies.

Acknowledgments:

Author is grateful to Campbellsville University for providing infrastructure to carry out

the present investigation

References
Alawanthan, D., Dorasamy, M. and Raman, M., 2017, July. Information Technology Disaster
Recovery process improvement in organization. In 2017 International Conference on
Research and Innovation in Information Systems (ICRIIS) (pp. 1-6). IEEE.

Electronic copy available at: https://ssrn.com/abstract=3628630

Andrews, C. and Caron, C., 2016. Long term disaster recovery planning in urban centers: The role
of land tenure and housing in reducing vulnerability. In Scaling up Responsible Land
Governance (p. 15). The World Bank Washington DC.

Bates, J.W., Vekiarides, N. and Geisel, B., EMC IP Holding Co LLC, 2019. Method for data
disaster recovery assessment and planning. U.S. Patent 10,481,962.

Chow, W. S., & Ha, W. O. (2009). Determinants of the critical success factor of disaster recovery
planning for information systems. Information Management & Computer Security, 17(3),
248-275. doi:10.1108/09685220910978103

Finucane, M.L., Acosta, J., Wicker, A. and Whipkey, K., 2020. Short-Term Solutions to a Long-
Term Challenge: Rethinking Disaster Recovery Planning to Reduce Vulnerabilities and
Inequities. International Journal of Environmental Research and Public Health, 17(2),
p.482.

Ganji, A. and Miles, S., 2018, October. Toward Human-Centered Simulation Modeling for
Critical Infrastructure Disaster Recovery Planning. In 2018 IEEE Global Humanitarian
Technology Conference (GHTC) (pp. 1-8). IEEE.

Hannah K.J., Ball M.J., Edwards M.J. (2006) Disaster Recovery Planning. In: Introduction to
Nursing Informatics. Health Informatics (formerly Computers in Health Care). Springer,
New York, NY

He, X. and Cha, E.J., 2019. Post-disaster Recovery Planning of Interdependent Infrastructure
Systems: A Game Theory-Based Approach.

Horney, J., Nguyen, M., Salvesen, D., Tomasco, O. and Berke, P., 2016. Engaging the public in
planning for disaster recovery. International journal of disaster risk reduction, 17, pp.33-37.

Johnson, L.A. and Olshansky, R.B., 2017. After great disasters: An in-depth analysis of how six
countries managed community recovery. Cambridge: Lincoln Institute of Land Policy.

Kahan, S. (2014). Global benchmark study reveals 73% of companies are unprepared for disaster
recovery. Retrieved from http://drbenchmark.org/global-benchmark-study-reveals-73- of-
companies-are-unprepared-for-disaster-recovery/

Krell, Eric (2006). Business Continuity Management. NY: American Institute of Certified
Public Accountants.

Nadikattu, R.R., 2020. Implementation of new ways of artificial intelligence in sports. Journal of
Xidian University, volume 14, p. 5983 - 5997. https://ssrn.com/abstract=3620017 or
http://dx.doi.org/10.2139/ssrn.3620017.

Electronic copy available at: https://ssrn.com/abstract=3628630

Nadikattu, R.R., 2020. Risk Management in the IT Department (May 21, 2020). Risk Management
in the IT Department, International Journal Of Advance Research And Innovative Ideas In
Education, Volume 6, Issue 3, 2020. Available at SSRN: https://ssrn.com/abstract=3620047.

Rivera, J. (2010). Opportunities and Challenges for Disaster Mitigation. Community Disaster
Recovery and Resiliency, 475-476. doi:10.1201/b10269-27

Snedaker, S., & Rima, C. (2014). Business Continuity/Disaster Recovery Plan Development.
Business Continuity and Disaster Recovery Planning for IT Professionals, 369-411.
doi:10.1016/b978-0-12-410526-3.00007-6

Soleh, M., Arymurthy, A.M. and Wiguna, S., 2018. Change Detection In Multi-Temporal Images
Using Multistage Clustering For Disaster Recovery Planning. Jurnal Ilmu Komputer dan
Informasi, 11(2), pp.110-117.

Soni, Vishal Dineshkumar, Challenges and Solution for Artificial Intelligence in Cybersecurity of
the USA (June 10, 2020). Available at SSRN: https://ssrn.com/abstract=3624487 or
http://dx.doi.org/10.2139/ssrn.3624487

Triyanti, A., Walz, Y., Marfai, M. A., Renaud, F., & Djalante, R. (2017). Ecosystem-Based
Disaster Risk Reduction in Indonesia: Unfolding Challenges and Opportunities. Disaster
Risk Reduction in Indonesia Disaster Risk Reduction, 445-467. doi:10.1007/978-3-319-
54466-3_18

Vyshnavi Jorrigala. Business Continuity and Disaster Recovery Planning. (2011). Information
Security Management Handbook, Sixth Edition, Volume 5, 433-434. doi:10.1201/b11250-43

Williams, D., 2018. For the Long Haul: Public-Private Partnerships for Long-Term Disaster
Recovery.

Xiao, Y., Wu, K., Finn, D. and Chandrasekhar, D., 2018. Community Businesses as Social Units
in Post-Disaster Recovery. Journal of Planning Education and Research,
p.0739456X18804328.

Zamanifar, M. and Hartmann, T., 2020. Optimization-based decision-making models for disaster
recovery and reconstruction planning of transportation networks. https://depositonce.tu-
berlin.de/handle/11303/11134

Electronic copy available at: https://ssrn.com/abstract=3628630