YALE-MSS-3.2: Test the Disaster Recovery Plan

Standards Group:
YALE-MSS-3: Disaster Recovery (DR)

YALE-MSS-3.2: Test the Disaster Recovery Plan

Low Risk Endpoint Not Required Moderate Risk Endpoint Not Required High Risk Endpoint Not Required Low Risk Server Not Required Moderate Risk Server Not Required High Risk Server Upcoming Required for HIPAA Low Risk Mobile Device Not Required Moderate Risk Mobile Device Not Required High Risk Mobile Device Not Required Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Not Required

Details

To complete YALE-MSS-3.3, you must complete Yale-MSS-3.2. This includes all pre-requisites for Yale-MSS-3.2. Testing your DR plan is the last step to planning for DR. Testing is critical to ensuring your DR Plan is complete and effective.

Testing prepares you to handle the stress of disasters. Testing confirms you can restore your IT System within its specified availability requirement. The purpose of testing your DR plan is to:

  • Ensure the plan documentation is clear
  • All contact information is present in the plan
  • All recovery steps are present in the plan
  • All recovery steps are in the right sequence
  • The plan is successful (confirmation comes from good test cases)

Should any of the recovery steps in the DR Plan be modified, added or removed, or the order changed?

Can any member of the team access the DR Plan and the supporting documentation to execute the DR Plan?

Can any team member execute the entire DR Plan without help from the subject matter expert?

Can the availability requirement be achieved? If no, have you informed the affected personnel? Have they accepted the definiciency?

Controls