Review of disaster recovery and business continuity plan activations reveals common failures

Janco Associates has just completed a review of 253 disaster recovery and business continuity plan activations and classified the shortcomings of those plans.

The most common issue, occurring in 62 percent of all recovery plans were errors in the plans. This often was due to the plan not being kept up to date (47 percent), the unavailability or inaccurate passwords (34 percent), and failure of the initial restoration process (13 percent).

Additional reasons for failures were: insufficient backup power - 22 percent; communications not in place - 18 percent; personnel not adequately trained - 17 percent; system recovery priorities not identified - 14 percent; recovery processes not sufficiently documented - 13 percent; and disruption event not identified quickly enough and activation was late - 12 percent.

Janco also found the there was a significant failure of the restoration process which did not function as expected. Most of those shortcomings were classified in one of the other categories.

The CEO of Janco, Victor Janulaitis said: "We found that only 47 percent of the plans were completely successful. Even though none of the activations reviewed resulted in a complete failure, we found that there were a number of shortcomings that could be corrected."

Janulaitis added: “We were surprised to see a number SMB companies have moved their backup processes to the cloud. We feel this is a positive step; however we still believe that some physical media needs to be retained.”

DRP BCP Failures

Janco publishes a Disaster Recovery Business Continuity Template.  Janulaitis said that many of the industry's best practices that are clearly defined within the template.  “We continue to review efforts of companies around the globe as they recover from various types of disasters and add components to our template that can be used by enterprises of all sizes.” He added, "Over 3,000 companies in over 65 countries have selected Janco's Disaster Recovery Business Continuity Template as their product of choice.”

The template is delivered electronically and comes as an easily modifiable Microsoft WORD file.  The template is over 220 pages long and includes everything needed to customize the Disaster Recovery Plan to fit an organization's specific requirements.

The template contains proven written text and examples. Included are: business impact analysis - including a sample impact matrix;  organization responsibilities pre and post disaster; DRP checklists; backup strategy for data centers, departmental file servers, wireless network servers, data at outsourced sites, desktops (in office and "at home"), laptops and PDA's; recovery strategy including approach, escalation plan process and decision points;  disaster recovery procedures in a check list format; incident/media communication plan; plan for administration processes; a technical appendix including definition of necessary phone numbers and contact points; job description for disaster recovery manager (3 pages) - entire disaster recovery team job descriptions are available; and,  work plan to modify and implement the template with a list of deliverables for each task.

Disaster Recovery Business ContinuityDisaster Recovery Business Continuity Standard Edition

  • Disaster Recovery Business Continuity Template (WORD)
    • Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031 and ISO 22301
    • Disaster Recovery Manager Job Description
    • Manager Disaster Recovery & Business Continuity Job Description
    • Application Inventory and Business Impact Analysis Questionnaire
    • Incident Communication Plan and Policy with BEST PRACTICES for
      • News Conferences
      • Media Relations
    • Social Network Checklist
    • Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electonic Forms that can be emailed, completed via a computer or tablet, and stored electronically including:
      • LAN Inventory
      • Location Contact Numbers
      • Off-Site Inventory
      • Personnel Locations
      • Plan Distribution
      • Remote Location Contact Information
      • Team Call List
      • Vendor Contact Information

Disaster Recovery Business ContinuityDisaster Recovery Business Continuity Premium Edition

  • Disaster Recovery Business Continuity Template (WORD)
    • Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031 and ISO 22301
    • Disaster Recovery Manager Job Description
    • Manager Disaster Recovery & Business Continuity Job Description
    • Application Inventory and Business Impact Analysis Questionnaire
    • Incident Communication Plan and Policy with BEST PRACTICES for
      • News Conferences
      • Media Relations
    • Social Network Checklist
    • Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electonic Forms that can be emailed, completed via a computer or tablet, and stored electronically including:
      • LAN Inventory,
      • Location Contact Numbers,
      • Off-Site Inventory,
      • Personnel Locations,
      • Plan Distribution,
      • Remote Location Contact Information,
      • Team Call List, and
      • Vendor Contact Information.
    • 15 Full Job Descriptions (WORD)
      • Chief Information Officer,
      • Chief Security Officer,
      • Chief Compliance Officer,
      • VP Strategy and Architecture,
      • Director Disaster Recovery and Business Continuity,
      • Director e-Commerce,
      • Director Media Communications,
      • Manager Disaster Recovery,
      • Manager Disaster Recovery and Business Continuity,
      • Disaster Recovery Coordinator,
      • Disaster Recovery - Special Projects Supervisor,
      • Manager Database,
      • Capacity Planning Supervisor,
      • Manager Media Library Support,
      • Manager Site Management, and
      • Pandemic Coordinator.

Disaster Recovery Business ContinuityDisaster Recovery Business Continuity Gold Edition

  • Disaster Recovery Business Continuity Template

  • 243 IT Job Descriptions including all of the job descriptions contained in the Premium edition

DR BC SecurityDisaster Recovery Business Continuity & Security Manual Templates Standard Edition

  • Disaster Recovery Business Continuity Template (WORD)
    • Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031 and ISO 22301
    • Disaster Recovery Manager Job Description
    • Manager Disaster Recovery & Business Continuity Job Description
    • Application Inventory and Business Impact Analysis Questionnaire
    • Incident Communication Plan and Policy with BEST PRACTICES for
      • News Conferences
      • Media Relations
    • Social Network Checklist
    • Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electonic Forms that can be emailed, completed via a computer or tablet, and stored electronically including:
      • LAN Inventory
      • Location Contact Numbers
      • Off-Site Inventory
      • Personnel Locations
      • Plan Distribution
      • Remote Location Contact Information
      • Team Call List
      • Vendor Contact Information
  • Security Manual Template (Word)
    • HIPAA Audit Program
    • ISO 27000 Security Audit - Compliant with ISO 22301 & 27031
    • Business and IT Impact Questionnaire
    • Threat and Vulnerability Assessment Tool
    • Sarbanes-Oxley Section 404 Checklist
    • Electronic forms that can be Emailed, completed via a computer or tablet, and stored electronically including:

      • Blog Policy Compliance
      • Company Asset Employee Control Log
      • Email - Employee Acknowledgment
      • Employee Termination Checklist
      • Internet Access Request
      • Internet Use Approval
      • Internet & Electronic Communication - Employee Acknowledgment
      • Mobile Device Access and Use Agreement
      • Employee Security Acknowledgement Release
      • Preliminary Security Audit Checklist
      • Security Access Application
      • Security Audit Report
      • Security Violation Reporting
      • Sensitive Information Policy Compliance Agreement

DR BC SecurityDisaster Recovery Business Continuity & Security Manual Templates Premium Edition

  • Disaster Recovery Business Continuity Template (WORD)
    • Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031 and ISO 22301
    • Disaster Recovery Manager Job Description
    • Manager Disaster Recovery & Business Continuity Job Description
    • Application Inventory and Business Impact Analysis Questionnaire
    • Incident Communication Plan and Policy with BEST PRACTICES for
      • News Conferences
      • Media Relations
    • Social Network Checklist
    • Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electonic Forms that can be emailed, completed via a computer or tablet, and stored electronically including:
      • LAN Inventory
      • Location Contact Numbers
      • Off-Site Inventory
      • Personnel Locations
      • Plan Distribution
      • Remote Location Contact Information
      • Team Call List
      • Vendor Contact Information
  • Security Manual Template (Word)
    • HIPAA Audit Program
    • ISO 2700 Security Audit
    • Business and IT Impact Questionnaire
    • Threat and Vulnerability Assessment Tool
    • Sarbanes-Oxley Section 404 Checklist
    • Electronic forms that can be Emailed, completed via a computer or tablet, and stored electronically including:

      • Blog Policy Compliance
      • Company Asset Employee Control Log
      • Email - Employee Acknowledgment
      • Employee Termination Checklist
      • Internet Access Request
      • Internet Use Approval
      • Internet & Electronic Communication - Employee Acknowledgment
      • Mobile Device Access and Use Agreement
      • Employee Security Acknowledgement Release
      • Preliminary Security Audit Checklist
      • Security Access Application
      • Security Audit Report
      • Security Violation Reporting
      • Sensitive Information Policy Compliance Agreement


  • 25 Full Job Descriptions
    • Chief Information Officer (CIO); Chief Compliance Officer (CCO); Chief Security Officer (CSO);VP Strategy and Architecture; Director e-Commerce; Database Administrator; Data Security Administrator; Manager Data Security; Manager Database; Manager Disaster Recovery; Manager Disaster Recovery and Business Continuity; Pandemic Coordinator; Manager Facilities and Equipment; Manager Media Library Support; Manager Network and Computing Services; Manager Network Services; Manager Site Management; Manager Training and Documentation; Manager Voice and Data Communication; Manager Wireless Systems;Capacity Planning Supervisor; Disaster Recovery Coordinator; Disaster Recovery - Special Projects Supervisor; Network Security Analyst; System Administrator - Unix; System Administrator - Windows

DR BC SecurityDisaster Recovery Business Continuity & Security Manual Templates Gold Edition

  • Disaster Recovery Business Continuity Template (WORD)
    • Disaster Recovery Business Continuity Audit Program - Compliant with ISO 27031 and ISO 22301
    • Disaster Recovery Manager Job Description
    • Manager Disaster Recovery & Business Continuity Job Description
    • Application Inventory and Business Impact Analysis Questionnaire
    • Incident Communication Plan and Policy with BEST PRACTICES for
      • News Conferences
      • Media Relations
    • Social Network Checklist
    • Included with the template are Electronic Forms which have been designed to lower the cost of maintenance of the plan. Electonic Forms that can be emailed, completed via a computer or tablet, and stored electronically including:
      • LAN Inventory
      • Location Contact Numbers
      • Off-Site Inventory
      • Personnel Locations
      • Plan Distribution
      • Remote Location Contact Information
      • Team Call List
      • Vendor Contact Information
  • Security Manual Template (Word)
    • HIPAA Audit Program
    • ISO 2700 Security Audit
    • Business and IT Impact Questionnaire
    • Threat and Vulnerability Assessment Tool
    • Sarbanes-Oxley Section 404 Checklist
    • Electronic forms that can be Emailed, completed via a computer or tablet, and stored electronically including:

      • Blog Policy Compliance
      • Company Asset Employee Control Log
      • Email - Employee Acknowledgment
      • Employee Termination Checklist
      • Internet Access Request
      • Internet Use Approval
      • Internet & Electronic Communication - Employee Acknowledgment
      • Mobile Device Access and Use Agreement
      • Employee Security Acknowledgement Release
      • Preliminary Security Audit Checklist
      • Security Access Application
      • Security Audit Report
      • Security Violation Reporting
      • Sensitive Information Policy Compliance Agreement
  • 243 Full Job Descriptions which includes all of the job descriptions in the premium edition
    •  Order Disaster Plan TemplateDisaster Plan Sample
    Disaster PlanningSecurity Policies ProceduresJob DescriptionsIT Infrastructure, Strategy, & Charter TemplateIT Salary SurveyDRP Security