While it is important to have Disaster RPOs and RTOs in place, here's something to think about: what if the critical data you are currently using, becomes corrupt? Worse yet, what if someone accidentally deletes some portion? Well, the IT manager will head over into the most recent backup data, and simply recover. But because when there is no crisis as such, the data backup is usually done on a 24-hour, daily basis, think about the situation you are creating for the organization -- the daily RTO and RPO back is up 24-24 (24 hours each), whilst lets say that you define the disaster RTO and RPO to be 4-4. In the event of an unplanned incident which is not necessarily a disaster, you can't get to the data until 24 hours later, which means that unless you 'declare' the organization to be in a state of disaster, you will have lost 24 hours worth of data! So it is imperative that your regular metrics match with your disaster or in-crisis metrics.

You can always rebuild brick and mortar however once your virtual operations are compromised, there is nothing you can do to bring it back.

Initiating the Process for Business Continuity

Business Continuity is the umbrella which sits on top of Disaster Recovery. Recovering lost data or assets is simply a part of business continuance.

Depending on how your organization is set up and structured, you or your clients need to have real-time access to specific bits of data so that business can be continued.