Disasters of both the man-made and natural varieties -from hurricanes, wildfires, and floods, to "brown outs" and network failures- all bring home the need for data protection and the ability to recover quickly from outages and site incidents to resume operations. Organizations must ask themselves unpleasant "what if" questions in order to determine their vulnerabilities in the face of these potential disasters, which can impose unacceptable interruptions on business and services.

Once the "what ifs" have been asked, businesses generally recognize the need for Disaster Recovery (DR) planning to protect critical data and resume operation in the event that disaster strikes. It goes without saying that the IT department of an organization has a high stake in this, since their credibility is on the line, as users will depend overwhelmingly on the support of the IT department to get business operations back to normal after a disaster.

Therefore, the first stage in creating a Disaster Recovery Plan is to quantify the value of an organization’s data, by breaking it into classes based on its importance. The figure below illustrates a generally accepted tiered, pyramidal structure that shows the relative value of five classes of data within an organization.

During this process of determining the data value hierarchy, it also becomes clear that some applications and services are more disaster-resistant than others. Some applications such as emergency services, sales and order processing, or other customerfacing applications demand near-instant recovery, while others can withstand down time of up to a few hours. One of the key steps in these initial planning stages, therefore, is for the stakeholders in the organization to agree on recovery priorities and benchmarks for successful recovery at all classes in the data hierarchy, as they will be different for each.