“Disaster recovery” is traditional terminology from the 1990s, and disaster recovery plans (DRPs) created during that time typically addressed major events, such as hurricanes, tornadoes, or earthquakes. However, not all disasters are environmental- or nature-based.

That’s why, in the early 2000s, when most organizations began to rely heavily on computers, disaster recovery planning began to focus on information technology (IT) disasters. DRPs now needed to include what to do in situations such as an organization’s servers going down.

Many organizations focused mainly on data recovery, but an organization does not run solely on data. Although it certainly needs access to its IT systems and data, leadership also needs to take a holistic view of the organization to better recover and address the effects on all departments and in all facets of operations.

Today’s DRPs must encompass a variety of potential scenarios. After all, a terrorist attack—such as those that occurred on September 11, 2001—can be every bit as devastating as a tornado.

Two years of road construction can force a retail operation into bankruptcy. Software malfunctions and data loss from a computer virus may give a company a big enough black eye that it can never recover.

In today’s complicated business environment, organizations need to consider a much broader range of disaster-related events rather than relying on the narrow focus of the traditional plans. They also need ...