How have others approached building IT Disaster Recovery from a low maturity starting point? How did you prioritise what to tackle first? Did you establish a dedicated DR/resilience role, or spread responsibility across existing teams?
Sort by:
Director of Architecture and Innovation in Finance (non-banking)7 months ago
In an effort to enhance organizational resilience, a comprehensive Disaster Recovery (DR) plan was implemented, beginning with a thorough Risk Assessment. This assessment allowed for the identification and measurement of high-impact processes and the supporting technologies. Based on these insights, a DR cloud solution was established using Microsoft Azure Disaster Recovery as a Service (DRaaS). This approach enables the organization to initiate recovery with minimal services and scale up as needed.
Due to staffing constraints, the existing team is responsible for managing the DR processes, ensuring continuity without the need for additional personnel.
In my view, it’s essential to have a designated focal point in the team responsible for ensuring systems are recoverable in case of a disaster. In our organization, this role was assigned to the Head of Cyber Security. Starting with a disaster recovery rehearsal worked well for us: we defined a starting point, and all teams learned what worked and what didn’t. From there, we set clear goals based on NIST and tracked progress against these goals, measuring the cyber leader and team accordingly.