1.0 Introduction

In any business there are various kinds of policies or planning practices are maintained and currently Disaster recovery planning (DCP) has become one of the most significant element. Disaster recovery developed in the mid late 70’s Thus, even many large organizations focus little or tend to neglect such important aspect in their business needs. A comprehensive disaster recovery plan need to be built up upon on various disaster recovery policies, tools and procedures. Business continuity mean that having proper plan to handle with disasters, so organisations can continue its operations and functions with as little disruption as possible. Disruptions can be natural disaster such as flood, tsunami, and man-made disaster such as fire or supply chain failure or cyber-attack (Deloitte, 2018). However, currently data has become most significant asset of the organisation. Further, information technology and information system are highly used for the business operation. Further, companies use multiple servers which connect each other. Therefore, organisations has developed policies and procedures to protect data and information systems. The main aim of such policies is to ensure the continuity of the systems operations and technology infrastructure in the business whatever the cause generated following a natural or influenced by human.
Disaster recovery plan related to IT infrastructure involves set of policies, procedures and tools to enable the continuation or recovery of vital technology infrastructure or systems after following a natural or human involvement disaster. The disaster recovery mainly focus on the information technology or technology supporting critical business functions. Disaster recovery is interconnected with business continuity planning (BCP). Disaster recovery and business continuity planning are key parts of the organisations’ strategic planning process. Disaster recovery policies has a direct relationship with the business continuity where it involves keeping all essential aspects of the business functions despite a significant disruptive event to a business (Paton, 2014). Business continuity planning proposes more all-inclusive approach to ensure to continue the operation not just after the disaster but also during minor disruption such as retirement of key employee or problem with supplier chain partner. Failure of any part of the business process due to disaster event could lead to the loss of revenue. Further, disasters cause to interrupt to the operations certain period of time. However, if company has a proper business continuity and disaster recovery plan, company can face to disaster well and mitigate the risk and reduce the time for recovery.

As per the current business environment, information technology is key enabler of business processes. Information technology is developed at such high speed even that IT expertise couldn’t hold finger on the pulse of information technological changes. Therefore, cyber-attack has become one of the great threat to the companies and highly possible disaster that can happen to the businesses. According to survey, organisations seek to increase compliance with cyber security regulations and data privacy protection to avoid data breaches. According to survey conducted by KPMG among around 4000 IT leaders, 45% participants respond that they are prioritizing cybersecurity improvements (Fountain, 2019). Therefore, protecting the business from the cyber threat has become up of the board room agenda over all other matters. Thus, disaster recovery plan for cyber threats are become the greatest concern of the technology leaders.
When it comes to cyber security, disaster recovery plan means the document developed to support the company in restoring the data assets and recovering in data losses. This document need to be proactive and need to update with the time. This is included the action plans which is used to identify the resources, policies and procedures that need to sustain and monitor corporate information technology before, during and after the disaster. Disaster recovery cover broad area and every level of the company need to work together to make success of DRP. IT disaster can be natural disaster such as flood, lightning or software, hardware or system malfunction, power outage, man made threats such as hackers, sabotage, vandalism or viruses or human errors. Therefore, DRP need to response all these identified disasters and threats. Companies can use ISO 22301 to benchmark their business continuity standards with international standards and can use ISO 27001 for cyber security.
This study is comprehensively discussed the importance of the disaster recovery plan and evaluate the possible approaches that can use DRP in organisations. Different secondary data sources such as journal articles, magazines and industry related books have been used to conduct this study. Further, in this study, it is discussed about cyber security aspects of the organisation as an element of disaster recovery plan.