Disaster Recovery Plan

AL Refs: REC07, GOV39

Purpose and Scope

The objective of the Disaster Recovery Plan is to document the planned procedure for recovering critical systems and infrastructure in the event of a major adverse event. This may include a system security breach, loss of integrity or availability of the production databases, a system or third-party vendor failure that corrupts or takes down critical production systems, or any other major incident where recovery of systems and infrastructure is required. It should be used in conjunction with the Incident Management Policy, Incident Response Plan and Business Continuity Plan. The Disaster Recovery Plan focuses on the operational steps for system recovery; the Incident Response Plan covers the operational steps for managing the event, and the Business Continuity Plan covers ensuring continued business operations.

Example Disaster Recovery Plan


Incident Management Owner

Responsible for all aspects of the implementation and management of the Incident Management Policy, Incident Response Plan and Disaster Recovery Plan, including readiness to respond to events, revision and communication of the plans, and allocation of responsibilities. Responsible for decision-making in relation to major events, including when to invoke this plan.

Emergency Response Team

The Emergency Response Team are required to oversee and coordinate the incident response and ensure all appropriate steps are taken until the matter can be closed and retrospectively reviewed for lessons learned. The team is responsible for ensuring appropriate awareness and readiness to respond to major incidents including disaster recovery requirements.

Information Security Manager

The Information Security Manager is responsible for assessing incidents and responses to ensure information security implications are considered and mitigated appropriately.

Important Contacts

ERT Contacts:

- John Billings
- Operations Manager
- General Counsel
- The Board & Senior Leadership Team

External Parties:

- Emergency security response and advisory
- Legal counsel on products liability
- Public relations consultancy


System Components and Recovery

Each system component has a backup and recovery process, set out in the table below. The table identifies whether backups are performed and where they are located, so they can be sourced when recovery is required. The Recovery Time Objectives (RTOs) are based on the criticality of each system and therefore set the priority and target time for returning each system to live operation. The recovery steps give a step-by-step guide to what is required to complete the recovery for each system or system component.

System component: MongoDB Database
Backup: Yes (EC2)
RTO: 2 hours
Recovery steps:
- Log into AWS Management Console
- Download the backup data required
- Use MongoDB mongorestore to recover the data

System component: Application servers
Backup: Yes (EC2)
RTO: 2 hours
Recovery steps:
- Log into AWS Management Console
- Delete existing instances of the application servers
- Run the CloudFormation stack to rebuild the application servers

System component: GitHub source code
Backup: Yes (EC2)
RTO: 24 hours

System component: (name missing)
Backup: Yes (EC2)
RTO: 24 hours
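The MongoDB recovery steps above end with "use mongorestore to recover the data". The helper below is an added example, not part of this plan or any project's tooling: it verifies the downloaded backup archive against a SHA-256 manifest before handing it to mongorestore, so a corrupted or tampered backup is never restored over production. It assumes (none of this is stated in the plan) that the backup is a single gzip'd mongodump archive named <name>.archive, that a manifest <name>.archive.sha256 in sha256sum format sits beside it, and that the host name is a placeholder to be replaced with the real one.

```shell
#!/bin/sh
# Added example, not the plan's own tooling: verify-then-restore helper for the
# "MongoDB Database" recovery steps. Assumptions (not from the plan): backup is a
# gzip'd mongodump archive <name>.archive with a sibling <name>.archive.sha256
# manifest in sha256sum format ("<hex>  <file>"); the host is a placeholder.

# sha256_of FILE -> prints the hex digest (coreutils sha256sum or BSD shasum)
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_backup ARCHIVE MANIFEST -> returns 0 only when both files exist and the
# archive's digest equals the first field on the manifest's first line
verify_backup() {
    archive="$1"
    manifest="$2"
    [ -f "$archive" ]  || { echo "missing archive: $archive" >&2; return 1; }
    [ -f "$manifest" ] || { echo "missing manifest: $manifest" >&2; return 1; }
    expected=$(awk 'NR==1 {print $1}' "$manifest")
    actual=$(sha256_of "$archive")
    if [ -z "$expected" ] || [ "$expected" != "$actual" ]; then
        echo "checksum mismatch for $archive (expected $expected, got $actual)" >&2
        return 1
    fi
    echo "backup verified: $archive"
    return 0
}

# restore_mongo ARCHIVE [HOST] -> runs mongorestore only after verification.
# --drop replaces existing collections so the result is a clean point-in-time
# copy of the backup rather than a merge with whatever survived the incident.
restore_mongo() {
    archive="$1"
    host="${2:-mongo.internal.example:27017}"   # placeholder host, not from the plan
    verify_backup "$archive" "$archive.sha256" || return 1
    mongorestore --host "$host" --gzip --archive="$archive" --drop
}

# Usage, from the recovery workstation after the backup has been downloaded:
#   restore_mongo /var/backups/mongo/prod-YYYYMMDD.archive
```

The manifest should be produced at backup time and stored with the backup, so that the check catches both silent corruption during download and any modification of the archive while it sat in storage; a mismatch is a reason to stop and escalate to the Emergency Response Team, not to retry the restore.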