As a result you no doubt have disaster recovery plans and procedures in place for your company's IT systems and critical enterprise applications. However, those capabilities are just the start.

Once built, those plans, from off-site data centers hosting your critical applications to data backups that are available at the flick of a switch when needed, have to be maintained, updated and tested on a regular basis so that they absolutely, positively can be relied on in a real disaster.

For many IT organizations, that kind of testing is often nonexistent. Without scheduled reviews and testing, your disaster recovery efforts could themselves be a second disaster waiting to happen.

"I know that it's really scary for organizations to reach over and flip a switch to power down a server that's running in production, but that has to be done once in a while to check out a disaster plan," says Daniel M. Kusnetzky, principal analyst at Kusnetzky Group LLC. "The last thing that you want to have is a plan that hasn't been tested before a disaster."

A key reason for testing your procedures, Kusnetzky said, is that if they don't go as planned it's certainly better to know that when the power is on, your staff is onsite and your business isn't being threatened by a true natural disaster.