The following is a list of general objectives departments should consider when creating an Information Disaster Prevention and Recovery Plan:
- Ensure the safety of all employees and visitors at the site/facility
- Protect vital information and records
- Secure business sites and facilities
- Safeguard and make available vital materials, supplies and equipment to ensure the safety and recovery of records from predictable disasters
- Reduce the risk of disasters caused by human error, deliberate destruction, and building or equipment failures
- Be better prepared to recover from a major natural catastrophe
- Ensure the organization's ability to continue operating after a disaster
- Recover lost or damaged records or information after a disaster
A sound understanding of the nature, scope, and limitations of a disaster plan ensures that management's expectations are realistic and the plan plays its proper role in achieving the department's overall goals and objectives.
An information disaster plan is a practical program of preventive steps and actions responding to potential and actual disasters. While each department must determine its own specific objectives, several main objectives are present in all plans. The plan should:
- Identify and adequately protect the department's vital records (vital records program)
- Reduce the risk of disasters caused by human error, deliberate destructiveness, and building or equipment failure, as well as, the adverse consequences of all disasters by mandating specific security, maintenance and training programs (disaster prevention)
- Ensure the department's ability to effectively resume operations after a disaster by spelling out management policies, procedures, and resources to be activated in disaster situations (crisis management)
- Ensure the department's ability to rapidly reconstruct essential information and salvage damaged records containing information essential to establishing detailed recovery procedures, and a management directive for implementation (disaster recovery)
An information disaster plan is a written, approved, implemented, and periodically tested program to identify, protect, reconstruct or salvage an organization's vital and historical records, and establishes procedures for the immediate resumption of business operations in the event of a disaster.