Managing risk

Why your business should have a Disaster Recovery Plan

Does your Business Continuity Plan (BCP) contain a Disaster Recovery Plan? As an Australian small business owner, you should be considering common events like bushfires and floods, as well as system failures. The fact is, most modern businesses rely on information technology (IT) to stay operational.

So, have you ever thought about what would happen if your IT infrastructure failed?


Get a Business Insurance quote


What is a Disaster Recovery Plan?

A Disaster Recovery Plan is a document outlining what’s needed to recover and restore business operations after a major event disrupts your IT. Forming part of your overall BCP, it’s comprehensive and covers preventive measures, response plans and recovery procedures to reduce downtime and ensure the continuity of critical business functions.


What’s the difference between a Business Continuity Plan and a Disaster Recovery Plan?

Both plans are temporary measures.

A Business Continuity Plan details how a business will operate immediately after an event such as a fire, weather related event or water damage from a burst pipe. It’s used until the business is back running at its usual capacity.

A Disaster Recovery Plan details the steps a business will take immediately following the failure of your IT infrastructure. It looks at how your business will deal with the loss of data and regain some level of functionality, even at a minimal level.


Key steps in creating a Disaster Recovery Plan

Risk assessment

Identify any potential risks and vulnerabilities that might impact your business and its data systems.

Business Impact Analysis

A Business Impact Analysis predicts how interruptions will impact your critical business functions and what the likely outcomes of those interruptions would be.

Define recovery objectives

Determine the minimum resources your business will need to recover from a disruption and work towards resuming business as usual.

Develop response and recovery strategies

Plan and implement suitable processes to deal with different disaster scenarios, including:

  • data backup,
  • system restoration,
  • alternate working arrangements, and
  • communication protocols.

Testing and training

Regularly test the plan to identify any gaps or weaknesses. Train employees on their roles and responsibilities during a crisis.

Maintain and update the plan

Document the plan in detail, making it available to the relevant stakeholders. Monitor and regularly update to ensure it continues to align with changing business needs and emerging threats.

How a Disaster Recovery Plan can help your business

Regardless of the size or nature of your business, you should consider having some type of Disaster Recovery Plan, even if it’s just a supplement to your Business Continuity Plan. It can help:

  • resume business continuity
  • minimise downtime
  • protect data and assets
  • protect your business reputation
  • boost customer confidence, and
  • meet your business compliance and legal requirements.

Even if you’re a small business, a Disaster Recovery Plan could prove to be a business lifeline if disaster strikes. It provides a roadmap to navigate the challenges posed by these events while safeguarding the continuity of critical business functions. By being proactive, you may be securing your business's future and ability to thrive, even in the wake of unforeseen events.


Contact GIO


Read more:

Insurance issued by AAI Limited ABN 48 005 297 807 trading as GIO. Read the Product Disclosure Statement before buying this insurance. Go to for a copy. The Target Market Determination is also available. This advice has been prepared without taking into account your particular objectives, financial situation or needs, so you should consider whether it is appropriate for you before acting on it. This information is intended to be of a general nature only. We do not accept any legal responsibility for any loss incurred as a result of reliance upon it – please make your own enquiries.