According to CISCO disaster recovery plan, procedures that I will include in the plan for my organization are:
1. Identification and analysis of disaster risks/threats: Power outage is one of the most critical risk that can be occurred in my setting (pharmacy storage for products that must be controlled temperature). However, system treats can be occurred if organization system is vulnerable and there is a gap for hacker. This will definitely effect the whole operation of organization.
2. Classification of risks based on relative weights: The risks mentioned in (1) can be classified into facility risks and data system risks.
3. Building the risk assessment: It is always good to have an assessment for risks. To prioritize the likelihood and impact that could happen. By having the risk that has highest score, it must be first concern.
4. Evaluation of disaster recovery mechanisms: After risks have been identified and assessed, we can evaluate suitable methods for recovery plan. For example, if temperature excursion occurred which it directly effect stability of the products. We should evaluate for products’ quarantine time, and recovery time in which how long the sponsor will allow them to be used again.
5. Disaster recovery committee: I think it is good to have disaster recovery committee in place. The roles and responsibilities for each of committee should be clearly defined for making it easier and smooth if the disaster happened.