Disaster Recovery Down Under

According to a security audit in the New South Wales region of Australia, four of 30 government agencies reviewed had no disaster recovery plans whatsoever, while three had plans that were untested and one had no plan for one of its “financially significant systems”, according to IT News.

As part of a “shaming crusade”, said IT News, the NSW audit office is trying to get the NSW treasury to increase its requirements for agencies to test their disaster response plans to once a year. Currently, the Treasury only demands that disaster recovery plans are tested every two years, which the audit office says is not keeping with international best practice, said IT News.

According to the audit report, more than 15 of the 30 agencies were not testing their disaster response plans fully, and some were not testing them at all, or not physically housing their production and disaster recovery data centres.

“The audit office has been hounding NSW government agencies about their IT back-up plans for four years now, and said over this period 20 percent of reviewed entities had come up empty handed when asked about their DR provisions,” said IT News.

The Treasury is trying to combat the increase in agencies with no disaster recovery plan, both in the public and private sector.