Disaster Recovery Plans
This episode of the ISACA Certified Information Systems Auditor (CISA) exam prep series introduces the disaster recovery plan as a critical component of the internal control system for availability. The session covers, at a topic level, what recovery plans contain, how recovery metrics drive strategy, the range of alternate site options available, how teams are organized, and how plans are tested and invoked.
What this episode covers
- Purpose of the DRP — how the plan fits into the internal control system for availability, with human safety as the top priority above restoring service.
- Recovery metrics — recovery point objective, recovery time objective, mean time to repair, interruption window, service delivery objective, and maximum tolerable outage.
- Choosing a recovery strategy — four factors (criticality, cost, time, security) that guide strategy selection and why senior management accepts the residual risk.
- Alternate site types — cold, mobile, warm, hot, and mirrored sites, plus reciprocal agreements and the rules for site placement and contracting.
- Plan contents and team structure — how recovery plans are organized into teams with assigned functions covering evacuation, damage assessment, and operations.
- DRP testing types and measurement — checklist review through full interruption test, run in three phases and measured quantitatively against recovery objectives.
- Plan invocation — the escalation path, scenario matching, team mobilization, and how decisions made during recovery update the procedures afterward.
Watch the full episode above for the worked examples and detailed explanations of each concept.
Frequently Asked Questions
What is the difference between recovery point objective and recovery time objective?
The recovery point objective is the acceptable amount of data loss, expressed as how fresh the backup must be; transactions in the gap are re-entered as catch-up data, and some never return, becoming orphan data. The recovery time objective is the acceptable downtime, meaning the point by which operations must resume. The closer either target gets to zero, the more expensive the strategy: a recovery point in minutes demands real-time replication, and a recovery time in minutes demands a hot site and clustering.
What are the main types of alternate recovery sites?
The spectrum runs from bare to fully redundant: a cold site has space and power but no equipment; a mobile site is a packaged facility delivered on a vehicle; a warm site is partly configured with some equipment ready; a hot site has everything installed with recent data so staff can resume quickly; and a mirrored site is fully redundant with real-time replication that takes over with no interruption users can feel. Reciprocal agreements between similar companies sound appealing but are considered unreliable due to compatibility and enforcement challenges.
What test types are used to validate a disaster recovery plan?
DRP tests climb in intensity from a checklist review that confirms recovery checklists are current, to a structured walk-through where the team reviews each step on paper, to a simulation that role-plays a scenario without using the recovery site, to a parallel test that brings the recovery site live while production keeps running, and finally to a full interruption test that shifts everything to the recovery site. The full interruption test is the most rigorous and the most disruptive, so organizations should start simple and grow more demanding.
What factors determine the choice of a disaster recovery strategy?
Strategy selection depends on the criticality of the process and its applications, the cost, the time required to recover, and security. Alternatives should be presented to senior management, who select the strategy and accept the residual risk. The right choice balances recovery cost against the impact of an outage, and generally every platform running a critical application needs its own strategy.
How is a disaster recovery plan invoked when an incident occurs?
A designated person is notified the moment a trigger occurs and works through an escalation path agreed in advance. The incident is evaluated to see which tested scenario it most resembles, and then the appropriate teams are mobilized. Teams follow documented procedures but are expected to evaluate options at each step and document every decision, because those notes update procedures once normal service returns.
Reference: This article is based on concepts discussed in Disaster Recovery Plans.