YALE-MSS-1.5.1: Determine the maximum amount of data that can be lost during a disruption before incurring significant impact to operations

Recovery Point Objective (RPO) is how frequently backups of data are created.  For example, if you have an RPO of 24 hours, then a backup is generated once every 24 hours.  At most you’ll lose one day of data in the event of an outage (i.e., you can go back to a “point” that is no more than 24 hours from when the system was last functioning).

Recovery Time Objective (RTO) is the maximum amount of time before incurring a significant disruption to operations during an outage.  For example, if you determine that your operation can't be offline longer than eight hours before a significant disruption, then your RTO would be eight hours.

A low RPO means frequent data backups, and a low RTO means quick restoration of service.

This requires an understanding of:

• How much data you can lose without impacting the function the IT System supports
• The backup capabilities of the supporting infrastructure the IT System is hosted on
• The timings of the supporting infrastructure backups or disk mirroring operations

Example: A system is continuously updated with real-time patient information.  It's decided that the system cannot afford to lose more than 10 minutes of data in the event of a disruption.  As a result, the system has an RPO of 10 minutes and must be backed up every 10 minutes.  In the event of an outage, it is determined that being down for more than two hours is unacceptable.  This results in an RTO of two hours.