Prepare for a DRP Audit

Being prepared for a DRP audit is no longer optional. It is only a matter of time as more attention is focused on DR capability.
Customers are demanding evidence of DR capability, so even unregulated industries are required to ensure they have a functional DRP.
Despite the increased emphasis on DR, most organizations still struggle with DR planning.

Our Advice

Critical Insight

Leverage a DRP audit to raise the profile of DR among senior management and get buy-in to invest in closing DR gaps. Make the DRP audit a help rather than a hindrance.
Get the most out of your audit preparation by focusing on evaluating and closing DR gaps rather than only on creating documentation.
Avoid audit chaos by conducting an internal maturity assessment as a preliminary step before a formal request from regulators or customers.

Impact and Result

Define your current DRP maturity at the start of the project. This will help you identify where to focus your efforts.
Determine the appropriate DRP maturity target and quantify your current DRP gaps for senior management. This process will help drive buy-in to invest in closing DR gaps.
Create concise usable documentation that meets the needs of your IT team as well as your auditor. Don’t waste your effort by creating documentation that satisfies the auditor but is not usable during a disaster.

Prepare for a DRP Audit Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should prepare for a DRP audit, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Prepare for a DRP Audit – Executive Brief

1. Determine current DRP maturity

Identify DRP gaps by assessing the current maturity of the DRP.

2. Review critical elements of the DRP

Close relevant DRP gaps by leveraging Info-Tech’s additional DR resources.

3. Prepare DRP audit documentation

Create concise and usable DRP documentation that meets the needs of the IT team as well as the auditor.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Table of Contents

Need Extra Help?
Speak With An Analyst

Get the help you need in this 3-phase advisory process. You'll receive 8 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Determine current DRP maturity

Call 1: Conduct a DRP maturity assessment.
Call 2: Review your additional audit requirements.
Call 3: Determine which DRP gaps should be prioritized.

Guided Implementation 2: Review critical elements of the DRP

Call 1: Close gaps in asset management, BIA, and risk management.
Call 2: Close gaps in DR procedures, DR solutions, and DR awareness.
Call 3: Close gaps in DR testing, documentation management, and DR integration with change management.

Guided Implementation 3: Prepare DRP audit documentation

Call 1: Review and complete the DRP summary document.
Call 2: Create a DRP audit review process that transforms audit insights into improved DR capabilities.

Authors

Frank Trovato

David Xu

Contributors

Dr. Bernard A. Jones, Manager Business Continuity & Disaster Recovery – HSE&BC, Novartis Business Services
Steve Tower, Management Consultant, Disaster Recovery Plans & Assessments
Anonymous, Associate Director at a University