Use disaster recovery standards to guide pandemic planning
ISO standards are just a starting point
Focusing further on DR challenges, Stephen Manley, chief technologist at Druva, cited ISO 22301:2019, Security and resilience — Business continuity management systems — Requirements. That standard, Manley noted, begins as it should, with including leadership commitment to BCDR, “since a BCDR plan can only succeed with the broad support and investment of the leaders across the organization — people, process and technology.”
ISO 22301:2019 requires documentation of the planning process, the recovery operation and the results of the BCDR plan.
“With the shift to remote work, businesses need to reevaluate what people, processes and technology may have become newly business-critical,” Manley said. Then, BCDR standards require exercising and measuring, and the results should be evaluated. “During times of change, it is even more important to meet those guidelines,” he added.
Echoing that point, Rahul Pawar, VP of product management at Commvault, said that ISO and similar standards can provide valuable guidance on how to build a quality management system that ensures DR and other IT processes are repeatable, defensible and cost-effective. “Their adoption should be at or near the top of every data center operator’s to-do list if they have not been adopted already.”
Standards are just a starting point on the road to quality management success, Pawar said.
“These standards will not build a quality management system for data center operators or account for every problem they might encounter during a disaster,” he said. Also, they can’t ensure they are following the latest DR best practices.
“They can help data center operators chart a path to developing and implementing the robust IT processes needed to avoid data loss during a disaster like COVID,” Pawar said. “But data center operators still need to walk this path themselves.”