📘 Topic: Disaster Recovery Planning

Domain: D7 – Security Operations
Tags: #cissp

---

🧾 Definition

Disaster Recovery Planning focuses on restoring critical systems and services after a disruptive event. It defines how an organization recovers data, applications, and operations within defined recovery objectives.

---

🔑 Key Points

• DRP typically uses recovery objectives such as RTO and RPO.
• Backups, alternate processing sites, failover mechanisms, and restore procedures are core components.
• Testing is essential to validate recovery capability.
• Recovery priorities should be based on critical business functions.

---

⚠️ CISSP Insight

• Backup alone is not recovery; the organization must be able to restore services quickly and safely.
• CISSP professionals should connect recovery planning to business impact and resilience.

---

⚔️ Key Difference / Trap

• DRP vs BCP
  • DRP = restore IT systems and data
  • BCP = maintain business operations more broadly
• Recovery plan without testing is only a document

---

🏗️ Example

A company uses an off-site backup repository and warm standby servers to restore customer-facing applications after a data center outage.

---

📚 References

• NIST SP 800-34, Contingency Planning Guide for Federal Information Systems
• ISO 22301, Business Continuity Management Systems
• NIST SP 800-53, CP family

---

🔁 Quick Recall

• DRP = restore IT services
• RTO/RPO = recovery targets