This analysis addresses over 500 components of IT Policies and Procedures to determine the extent to which they insulate the company from operational risk, or conversely, the extent to which they expose the company to risk. Since nearly 80% of commercially supported disasters occur from “preventable” failures, prevention is a critical part of any disaster recovery capability and IT process and procedure is the foundation upon which that prevention is based.

This analysis will evaluate the following major categories: management controls, change management, problem management, information security, data backup and restore, data archiving, availability management, network management, performance management, configuration management, software distribution and data center documentation.