Once you have a completed disaster recovery plan, you must regularly review, update, and test it.
- Make backups at intervals required by your disaster recovery plan for the level of data you are maintaining. (See Back Up U-M Data.)
- Check your backups at regular intervals to ensure they are backing up your data as intended and the data are recoverable if needed.
Review and Update Your Plan
Disaster recovery plans must be reviewed annually and updated whenever a significant change to system architecture, system dependencies or recovery personnel occurs. This includes, but is not limited to:
- Changes to IT infrastructure, such as data center used, networking, systems hardware, and so on.
- Changes to data types stored in a system.
- Changes to staffing that impacts persons with roles in the data recovery plan.
At a minimum, an annual tabletop exercise or equivalent should be conducted that simulates the abrupt and unscheduled loss of critical functions. The Information Assurance disaster recovery plan template describes testing methods you can use in Appendix F: Testing Methods.
When you update or make changes to your plan, repeat your testing.