Disaster Recovery is Purely an IT Function – Or is It?

There is a temptation to consider disaster recovery as an IT-specific activity, conducted by IT staff to get IT systems running properly again after an incident or a mishap. Part of that notion is true. Disaster recovery is a term that is reserved for computer systems and networks, and recovering after an IT outage. With enterprises and organisations increasingly dependent on information technology, that also makes DR a large and essential part of business planning. However, as IT-centric as disaster recovery may be, trying to make it the exclusive responsibility of the IT department could be a big mistake. Here’s why.

If IT systems are down, departments must be able to continue functioning. Even e-commerce websites need some backup mechanism whereby they can continue to accept orders, whether this is as sophisticated as a mirrored online store or as basic as a temporary email address on another system. Being able to continue functioning in adverse conditions of any kind is the definition of business continuity. In the event that IT systems fail, it doesn’t matter whether you call it ‘BC’ or ‘enterprise DR’. The fact is that departments and business units must plan ahead to be able to operate in the absence of computer systems. Sitting back and trusting in the ability of the IT department to get things running again is insufficient, to say the least.

And while IT is battling to bring systems and networks back up again, somebody needs to give appropriate information to stakeholders – including customers – about what happened and what is being done to fix it. There are not many IT departments that combine excellence in both technical knowhow and relationship management. To calm down external ‘interested parties’ is the job of the public relations director or, often as not, the CEO. Indeed, as ‘enterprise DR’ involves the whole organisation, who better than the CEO to lay down the DR law by which all departments must abide? So while disaster recovery is naturally IT-centric, effective DR will often involve not just the IT department, but also the business continuity manager and the CEO too.