|
By Bozidar Spirovski
The IT disaster recovery test -- as part of business continuity testing -- is becoming an annual event for most IT departments. It is mandated by a lot of regulators, nearly insisted upon by internal auditors and of course a very healthy thing to do.
But performing the IT DRP test without proper risk management can put your organization at significant risk.
To put things into perspective, let's analyze the steps, risks and countermeasures of an IT disaster recovery test:
With all these risks, is it more prudent to never perform an IT DRP test? Absolutely NOT, and here is why:
- Performing the IT DRP test actually confirms that things are running, and if something breaks, you are much more prepared for the next time.
- Not performing the test will just make you think everything is great, until the incident occurs. And the incident is just as certain as death and taxes.
So perform the IT DRP test regularly, but with a whole set of countermeasures for the possible risks that can happen during the test. Of course you will miss some risks, but if you plan for 10 and miss 1 it is much better than not planning at all!
Copyright © 2009 - 2010 WireHead Security, LLC
Bozidar Spirovski is an information security expert with Information Security Short Takes.
Only registered users can write comments.
Please login or register. |
