DR Impact Assessment

Download: DRIA_10Scale.xlsx (110KB)

Once your DR function has its charter, one of the first steps is to identify which services need to be protected and what their relative priority is. To do this, you perform a Business Impact Assessment to work out the impact a loss would have on the organisation.

In its simplest form, you want a short-list of critical services and an indication of how long you can survive without them before the organisation is seriously harmed.

Ideally, you need an assessment that scales well. You shouldn't need to revisit existing questionnaires each time you add a new service, change the definition of 'critical' or the organisation's risk appetite. In fact,

My DR Impact Assessment

The key feature of this DR Impact Assessment is the impact over time, which has been found to be relatively intuitive to fill in, but also gives a more granular Maximum Tolerable Outage (MTO) assessment that makes it more robust to other changes in the organisation. 

It allows you to:

  • determine relative recovery priorities depending on the extent and duration of the outage before recovery is initiated
  • estimate the financial cost, which can drive the amount of investment in recovery controls
  • take into account the rate of impact deterioration, rather than just the worst case, so you can mitigate with better workarounds

Example

Advice

As a rule of thumb, I like to set a Recovery Time Objective (RTO) for a service to be one-third of the MTO. This allows time for the crisis team to convene and make the irreversible decision to invoke DR, and time for recovery of service, and still time to repeat that recovery attempt if needed before the company is permanently harmed.

Care must be taken to avoid the assessment being too subjective, especially for new services where the interviewee is likely seeing this as the new big thing. It's usually best to work from the most catastrophic end (when will this destroy the company), and from the least impactful (how long can workarounds mitigate an outage), and then work to meet in the middle.
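
The calculation this kind of assessment supports, as an added example that is not taken from the spreadsheet or the original post: it derives the MTO from an impact-over-time rating, applies the one-third RTO rule of thumb, and ranks services by how long the outage has already lasted. The service names, time buckets, 1-10 ratings and 'critical' thresholds are all constructed assumptions.

```python
# Added example: service names, ratings, time buckets and thresholds are constructed.
from bisect import bisect_right

# Hours since outage start at which impact was rated (assumed buckets).
HOURS = [1, 4, 8, 24, 72, 168]

# Impact ratings on an assumed 1-10 scale, one per bucket, never decreasing over time.
SERVICES = {
    "payments": [2, 5, 8, 10, 10, 10],
    "email":    [3, 4, 5, 6, 7, 8],
    "payroll":  [1, 1, 2, 5, 9, 10],
}

def mto_hours(curve, critical):
    """Maximum Tolerable Outage: first bucket where impact reaches `critical`.
    Returns None if the service never gets that bad within the assessed window."""
    for hours, impact in zip(HOURS, curve):
        if impact >= critical:
            return hours
    return None

def rto_hours(curve, critical):
    """Rule of thumb from the text: RTO is one-third of the MTO."""
    mto = mto_hours(curve, critical)
    return None if mto is None else mto / 3

def impact_at(curve, elapsed):
    """Impact rating already reached after `elapsed` hours (0 before the first bucket)."""
    idx = bisect_right(HOURS, elapsed)
    return curve[idx - 1] if idx else 0

def recovery_order(elapsed):
    """Rank services by impact reached at `elapsed` hours, worst first."""
    return sorted(SERVICES, key=lambda s: (-impact_at(SERVICES[s], elapsed), s))

def summary(critical):
    """(MTO, RTO) per service for a given definition of 'critical'."""
    return {n: (mto_hours(c, critical), rto_hours(c, critical)) for n, c in SERVICES.items()}

if __name__ == "__main__":
    # Changing the definition of 'critical' reuses the same ratings: no new interviews.
    for critical in (8, 6):
        print(f"critical >= {critical}: {summary(critical)}")
    # Recovery priority depends on how long the outage has already run.
    for elapsed in (4, 72):
        print(f"{elapsed}h into outage, recover in order: {recovery_order(elapsed)}")
```

Because the stored ratings form a curve rather than a single worst-case figure, lowering the threshold from 8 to 6 moves the email MTO from 168 hours to 24 hours without touching the questionnaire data.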