Overview of ITDR

Before you begin, here are several important points to keep in mind:

Information gathering is essential. Before starting with ITDR, it's essential to collect all necessary information. Refer to the prework table for the questions to consider and data to gather in advance.
Follow a workflow-driven process. ITDR follows a sequential workflow where data must be entered step-by-step, with each entry building on the previous one. You also have the flexibility to revisit earlier sections and make updates before final submission.
Use guided assistance. Within ITDR are descriptions and help text to guide you on how to answer questions and enter data accurately, ensuring you are supported throughout the process.
Expect a learning curve. The first time you use ITDR, it may seem unfamiliar and involve entering a lot of data. However, as you go through subsequent update cycles, the process will become more intuitive, requiring only incremental updates.
Reviews and approvals are Integrated. Once your ITDR plan updates are complete, the plan will undergo two levels of review and approval, ensuring thorough validation and quality assurance.
Export your approved plan. After your ITDR plan is approved, you can print it or save it as a PDF outside of CardinalShield application for easy access and reference.

By following these steps, you can efficiently use CardinalShield ITDR to create and maintain comprehensive disaster recovery plans, ensuring preparedness and resilience for your IT infrastructure.

WORKFLOW STEPS	SUMMARY OF DATA BEING GATHERED
Administrative	Department/workgroup name DR plan owner Service Service deployment model
Scope	Services or applications that experience outages/degradations and recover, with the primary service named in the Administrative section
Vendor Information	Vendor name Vendor documentation, e.g., service agreement, SOC reports
Service Infrastructure	Non-production environments General assumptions and dependencies IaaS-provider, region/availability zone, instance type, O/S name & version, other characteristics (auto-scale, etc.) On-prem-system, location, host name, manufacturer, model #, # processors, memory, O/S name & version; if VM, note which ESX host
Recovery Team Resources	Role, skillset, alternate, contact number, contact email, on-call schedule Product/service name, contact name, phone, email, website, contract #
Outage Notifications, Escalations, Monitoring & Communications	Vendor system status portal, vendor outage notifications, vendor escalation procedure Monitoring tools, UIT teams responsible for alerts, monitoring cadence, how alerts are delivered to the team Special communications or service level considerations
Recovery	Recovery Objectives - RTO, RPO Backups - Backup solution, type of data being backed up, retention policy, backup cadence, storage location Recovery Steps - process name, details, owner, estimated time to complete
Scenarios	Risk-based scenarios and response steps
Testing, Drills, and Maintenance	Testing, disaster recovery exercises conducted Regularly scheduled maintenance, patching, or server reboots
Closing Steps and Approval Setup	Document any other details not previously captured Assign local approval responsibilities to the service owner
Local Approval	Service owner reviews and approves or requests revisions
Closing Approval	CardinalShield ITDR conducts final closing approval