<P> Another critical point is failure to include each and every important business process or a block of data . "Every item in your DR plan requires a Recovery Time Objective (RTO) defining maximum process downtime or a Recovery Point Objective (RPO) noting an acceptable restore point . Anything less creates ripples that can extend the disaster's impact ." As an example, "payroll, accounting and the weekly customer newsletter may not be mission - critical in the first 24 hours, but left alone for several days, they can become more important than any of your initial problems ." </P> <P> A third point of failure involves focusing only on DR without considering the larger business continuity needs: "Data and systems restoration after a disaster are essential, but every business process in your organization will need IT support, and that support requires planning and resources ." As an example, corporate office space lost to a disaster can result in an instant pool of teleworkers which, in turn, can overload a company's VPN overnight, overwork the IT support staff at the blink of an eye and cause serious bottlenecks and monopolies with the dial - in PBX system . </P> <P> When there is a disaster, an organization's data and business processes become vulnerable . As such, security can be more important than the raw speed involved in a disaster recovery plan's RTO . The most critical consideration then becomes securing the new data pipelines: from new VPNs to the connection from offsite backup services . Another security concern includes documenting every step of the recovery process--something that is especially important in highly regulated industries, government agencies, or in disasters requiring post-mortem forensics . Locking down or remotely wiping lost handheld devices is also an area that may require addressing . </P> <P> Another important aspect that is often overlooked involves the frequency with which DR Plans are updated . Yearly updates are recommended but some industries or organizations require more frequent updates because business processes evolve or because of quicker data growth . To stay relevant, disaster recovery plans should be an integral part of all business analysis processes, and should be revisited at every major corporate acquisition, at every new product launch and at every new system development milestone . </P>

Your disaster recovery plan would be an example of this type of safeguard