Companies Exposed from Inadequate Disaster Recovery Planning and Testing

Symantec announced the findings of an international study indicating that while 91 percent of IT organisations carry out full scenario testing of their disaster recovery plans incorporating relevant people, processes and technologies, nearly 50 percent of those tests fail.

This means that one in two UK organisations is not equipped to handle events, such as natural disasters, computer system failures and external computer threats.

Nearly half of IT organisations surveyed have had to execute their company's disaster recovery plans. The research findings show that 48 percent of organisations have had to execute disaster recovery plans and 44 percent surveyed without a disaster recovery plan experienced one problem or disaster, while 26 percent experience two or more, and 11 percent experienced three or more.

69 percent of respondents were concerned about their company's brand and reputation, 65 percent feared harm to overall customer loyalty, 65 percent were concerned with the impact to their competitive standing, while 64 percent were worried about losing company data in the wake of disasters.

Despite this 77 percent of CEOs surveyed are still failing to take an active role on disaster planning committees.

Concerns that prompted IT organisations to create a disaster recovery plan included 69 percent citing natural disasters, 57 percent naming virus attacks and 31 percent specifying war and/or terrorism.

67 percent surveyed cited computer failure and 57 percent named external computer threats, while 89 percent agreed upon acceptable levels of risk with non-IT business executives in their organisation, only 33 percent have done so for all the threats to which they feel exposed.