Setting up a “Data Recovery” project takes some time to get started. The time you need to develop a full a “Data Recovery” project plan varies considerably, based on the size of your organization, the number of critical business functions, and the level of commitment your business is willing to make.
I estimate that developing a DR project takes three months for the very smallest organization (less than 100 employees and only one or two critical applications) and two years for a large organization (thousands of employees and several critical applications). But you have many other variables besides company size to consider.
Gaining executive support is a must because “Data Recovery” projects are disruptive. They require the best and brightest minds in the business, taking those minds away from other projects in the organization. From a strictly financial perspective, data recovery planning doesn’t provide profitability, nor should you expect the organization to become any more efficient or effective.
You may find selling the idea of a “Data Recovery” project to management difficult. A DR project doesn’t have a ROI, any more than data security does. Both data recovery planning and security deal with preparing for and avoiding events that you hope never happen (and if you do your job correctly, the fact that the events don’t happen is your return on investment). Still, you may need to convince management that DR planning is a worthwhile investment for any of the following reasons.
Disaster preparation and survival: The most obvious benefit of a completed DR plan is the organization’s survival from a disaster. Survival that comes as a result of planning and preparation.
Disaster avoidance: Data recovery planning often leads to the improvement of processes and IT systems that makes those processes and systems more resilient. Events that would result in a severe business interruption before you had the DR plan in place become, in many cases, just a minor event artier you enact the plan.
Due diligence and Due Care: Few organizations have never experienced an accident or event that resulted in the loss of data. Neglecting the need for “Data Recovery” planning can be as serious an offense as neglecting to properly secure information. DR planning protects data against loss. If your organization fails to exercise this due care, it could face civil or criminal lawsuits if a preventable disaster destroys important information.