Jul 11 2011

How to Write an Effective Disaster Recovery Plan

Writing a sound disaster recovery plan takes time, but with proper planning, it can save headaches – and assure uptime.

Every school needs a disaster recovery plan, but writing an effective one is no small task. How do you come up with a plan that covers every crisis contingency and every aspect of a district's daily operations?

Unanticipated crises, whether they're minor disruptions or catastrophic events, can wreak havoc on a district. Ensuring continuity of operations and the safety of all stakeholders in the aftermath of such events is essential for any school, particularly when the crisis can't be mitigated quickly.

As many districts have learned the hard way, successful disaster recovery begins and ends with advance planning. A few years ago, I took a 10-week disaster recovery and continuity-planning course at Drexel University. From this course I learned many best practices that helped me through the process of writing a disaster recovery plan for Delsea Regional School District in Franklinville, N.J., for which I worked for nearly eight years.

Strategic Thinking and Doing

Work as a team. When developing a disaster recovery plan, it's vital to take a big-picture view of your school or district. If only one person creates the plan, something could easily be overlooked.

Assemble a team of stakeholders who have different roles within your district and diverse perspectives about how to protect it. Soliciting the input of teachers, administrators, IT staff, school board members and even parents will help develop a plan that meets the needs of every person with a stake in the district's future.

Define your scope and mission. The importance of this step can't be overstated. Your scope statement should explain why and how you're going to create the DR plan. The mission statement should clearly define the document's main purpose.

Assess your risks. Risk assessment requires that you look at all of the risks your district may face – even those that seem wildly outlandish. Then, use your best judgment to single out the most credible threats to your district's security; these are the crises your plan ultimately should address.

At Delsea Regional, we identified 10 risks and developed metrics to measure them. (This list included such contingencies as total destruction of infrastructure, HVAC failures, and internal and external hacking.) We assigned value to the metrics, ranging from 1 (low risk) to 4 (extremely high risk), and created assumptions and guidelines that could be used in conjunction with the metrics to determine the probability and severity of each crisis.

Next, we used a risk-assessment matrix that we found online to determine the overall risk level associated with each of the disaster scenarios we identified. We then compiled our results on risk-assessment forms, discussed our individual findings and came to consensus as a group.

Define priorities and perform a business impact analysis. Deciding what's most important to your district's day-to-day operations will help your team determine how to best leverage financial and staff resources to protect those interests.

Each year, school IT departments are tasked with storing and protecting an ever-growing repository of student records, faculty and staff information, financial records, e-mail and learning resources. Given the sensitive nature of much of this mission-critical data, it's important to understand the impact its loss or theft would have on the future of your district – and to do what's necessary to secure it.

Delsea Regional, for example, uses Symantec Backup Exec for nightly data backups, and on weekends we perform full backups to tape, which we store offsite. We also use Shadow Copy, a component of Microsoft Windows, to take snapshots of data every four hours.

Define recovery strategies and procedures. This section of the plan should describe each disaster and recommend actions to take if it occurs. The plan also should outline the costs associated with recovery efforts and the procedures to follow if the plan must be executed.

Develop a communication plan. Communication may be the single most important piece of the puzzle. This section of the plan should define each disaster's actual or potential threat to human safety or to property; the need to relocate operations; and acceptable time periods for response and recovery.

Recovery teams – among them: management, administrative, alternate site and infrastructure recovery – also should be defined. Note that some individuals in your district may need to serve on multiple teams. Also, collect and have available in one place the phone numbers and other personal contact information of internal and external personnel who should be contacted if an emergency occurs.

Create an appendix. A disaster recovery plan should be mostly nontechnical. But you will need solid technical documentation to recover your systems once the immediate trauma of a crisis has passed. Include in your plan's appendix a comprehensive inventory of all IT resources, data backup policies, vendor lists, service contract lists, diagrams and other technical specifications.

Consider the DR plan a living document. Failing to keep your plan up to date defeats the whole purpose of having one. Store a physical copy of the document in a three-ring binder that's kept in the data center (or another secure location) so it's easy to access if your systems go down. Keep a record of all changes, and be sure to date and sign off on each modification.

Test often. There isn't much point to having a well-thought-out plan if it can't be executed. Testing your plan regularly will ensure that problems are addressed before an actual disaster occurs.


If a disaster struck the Delsea Regional School District, IT staff would be tasked with restoring services to 10 buildings and 2,000 computers. More than 430 administrator, teacher and staff users and 3,000 students would be affected.

<p>Kick Images/Getty Images</p>