YALE-MSS-3.2: Test the Disaster Recovery Plan

Standards Group:
YALE-MSS-3: Disaster Recovery (DR)

  • Low Risk Endpoint: Not Required
  • Moderate Risk Endpoint: Not Required
  • High Risk Endpoint: Not Required
  • Low Risk Server: Not Required
  • Moderate Risk Server: Not Required
  • High Risk Server: Upcoming; Required for HIPAA
  • Low Risk Mobile Device: Not Required
  • Moderate Risk Mobile Device: Not Required
  • High Risk Mobile Device: Not Required
  • Low Risk Network Printer: Not Required
  • Moderate Risk Network Printer: Not Required
  • High Risk Network Printer: Not Required

Details

Testing your DR plan is critical to ensure a complete, effective plan. Regular testing must be performed to ensure that:

  • All contact information is complete and accurate
  • All recovery steps are clearly identified and are in the correct order for restoration
  • All system inventory is accurate
  • All members of the team can access the DR plan and any corresponding documentation
  • All elements of the DR plan can be executed without the assistance of the subject matter expert
  • The plan will ensure successful recovery of the system based upon the availability requirements
  • Gaps or errors in the DR plan are identified

Testing must be performed at least once per year.

Common options for testing include the following:

  • Paper test: individuals read and annotate recovery plans
  • Walkthrough test: groups walk through plans to identify issues and changes
  • Simulation: groups go through a simulated disaster to identify whether emergency response plans are adequate
  • Parallel test: recovery systems are deployed and tested to see if they can perform actual business transactions to support key processes. Primary systems still carry the full production workload
  • Cutover test: recovery systems are deployed to assume the full production workload. Primary systems are disconnected

The choice of a testing option is driven by multiple factors. A complex system may require more than just a paper test. If testing happens frequently, perhaps setting up a cutover test each time doesn't make sense. If it's difficult to find availability for all test participants, maybe a tabletop simulation requiring everyone is a poor option. The type of testing selected should fit the scope and needs of the system and its team.

The DR plan must be able to facilitate a successful recovery within the defined RTO. If not, the plan or the availability requirements need to be updated.

In some cases, there may be an external obligation (e.g., regulation) that requires test results to be archived.