Skip to main content

Disaster Recovery Testing - The Sandy Effect

December 04, 2012

Most organizations that we do business with have disaster recovery policies and/or business continuity policies, but in the weeks leading up to and following Hurricane Sandy, we started to wonder how many of these policies are tested on a regular basis.

As Adaptive prepared for the possible effects of Hurricane Sandy, we went back and evaluated our recently updated Disaster Recovery Policy.  It was important to ensure we had incorporated our new remote office and new systems that are integral to our business operations.  Even though Adaptive’s policy was updated within the past year, it was imperative to re-evaluate our procedure if disaster struck.  We had consistently performed the paper testing of the policies in prior years, but when faced with an actual event that could cause outages, we found that we should still adjust the intervals in which we update our policies and procedures.

In the weeks following Hurricane Sandy, we asked some of our clients if they execute DR/BCP tests on a regular basis.  Most said no, and some said never.  When we followed up asking when they had last updated their Disaster Recovery policy, a scary reality began to set in.  Some of the organizations had policies and procedures that were so out of date that the notification alert system listed employees that no longer worked at their company and contained procedures that no longer existed.

It’s reasonable to believe that these organizations are asked if they have a DR/BCP plan every year, and they can honestly say they do.  Yet, how effective are these policies, plans, and procedures that are currently in place?  With the availability of cloud based solutions and storage, we are able to simplify some of our plans and lower the cost of proper planning resources.  Once the new DR/BCP policy is securely in place, the only task that remains is continually keeping these policies up to date with the most relevant company information.

Related Blogs

February 26, 2018

The GDPR 90-Day Countdown is on! (No Need to Freak Out)

May 25, 2018 is a day that many organizations have (or should have) marked on their calendars as a game-changing moment for their business. That’s the...

See Details

February 28, 2018

Part 1: Frameworks in Context: The Business-Aligned Information Security Program and Control Frameworks

During hundreds of strategy, risk and compliance engagements, Optiv’s consultants often have been asked very thoughtful and deep questions about contr...

See Details

March 08, 2018

Part 2: Frameworks in Context: The Business-Aligned Information Security Program and Control Frameworks

In part 1 of this series, we provided insights responding to the frequent question regarding control frameworks and their place in the security strate...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Related Insights

October 23, 2017

Cybersecurity Careers

2017 has been a very busy year for cybersecurity professionals. It seems weekly, if not daily, news breaks of a new data breach or intrusion of critic...

See Details

July 21, 2015

Application Security Solutions

Learn how Optiv can help with web, email and application protection.

See Details

October 11, 2017

Security Solutions

Optiv is a market-leading provider of end-to-end cyber security solutions. View our services here.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.