This tool is designed to help organizations evaluate their existing IT disaster recovery plans. It provides two sample assessment checklists, each with a series of best-practice questions tailored for regulated entities, like banking or SEC-regulated firms, and non-regulated entities. 

The first sample focuses on pre-planning, plan development, plan testing and plan maintenance. Questions in this section assess whether the organization has followed an industry-standard disaster recovery methodology, performed a business impact assessment (BIA), consulted business process owners during BIA, carried out a risk management review, prepared a recovery options list approved by management, and more. The second sample expands on these areas but also includes additional aspects like project initiation and management, aimed at determining if key business personnel were involved in developing the disaster recovery plan, along with adequate funding committed toward its development and maintenance. Overall, this checklist serves as an essential tool to help organizations thoroughly assess their IT disaster recovery capabilities against best practices. The aim is to make sure that every aspect, from initiation and management of the project through risk assessment up until post-disaster maintenance, has been covered adequately to prepare an organization against any form of IT disaster.

Sample questions include:

• Did you follow an industry-standard disaster recovery (DR) methodology?
• Which methodology did you use?
• Did you perform a business impact assessment (BIA) to prioritize your business processes?
• Were business process owners consulted during the BIA?