Five questions every board member should ask the CIO about disaster recovery

The last thing you should worry about when a disaster hits is your company’s disaster recovery plan — you should have a solid DR plan, proven effective and designed to move immediately into motion if and when needed. That way, you can bring operations back to normal as soon as possible. And, as a board member, understanding the organization’s plans is paramount to your role.

Here are five questions every board member should ask their CIO or IT director to ensure the organization can continue operations in the event of a disaster. 

1. What is the economic risk if core applications go down for one day, one week or even longer?

With technology, disruptions happen. Short disruptions are more common, while multi-day, prolonged outages are much more rare. When it comes to your revenue-generating applications, can your business’s bottom line withstand a disruption?

Determine the value your applications bring to the business on a per minute, per hour and per day basis to understand the financial implications if they go down.

2. How are applications protected currently? Are core applications protected differently than lower-ranking applications?

All businesses have some applications that are more critical than others. Are your business- and mission-critical applications currently protected in the event of a power outage, human error or tornado? How are they being protected and how quickly can they be brought back online in the event of a disaster?

Understand which applications are protected and to what extent, so you know where your vulnerabilities stand.  

3. What will happen to key data in the event of a disaster?

The integrity of your data is the most important reason to protect your applications. Ask your team what would happen if a virus corrupted your data. Could it be recovered? If your data gets out of sync when it tries to come back up during a recovery, will transactions be lost or will your team need to allow for extra time to realign databases?

Make sure your DR plan ensures continuously protected, secure data, regardless of what type of disaster strikes. 

4. What types of disasters should be guarded against?

Are your applications protected if your geographic region is hit by a natural disaster like a tornado or earthquake? What about pure human error? Does your solution allow you to choose from multiple points in time or just the latest backup checkpoint?

Solutions are available to remediate a variety of disruptions. Find out what you’re already protected against and where you may have gaps. 

5. What were the results of your latest full recovery test?

Ask your team for a complete report on how the last full disaster recovery test went, and when the next test is planned. Most organizations should test their technology DR plan at least twice a year.

Don;t be afraid to push for a more robust test. The more well tested the solution, the better the likelihood your company can survive a real-life scenario. 

Martin Van Buren brings nearly 25 years of financial and information technology leadership experience to his role as COO at Bluelock. Prior to joining Bluelock, he served as the CIO and senior vice president of learning technologies for ITT Educational Services. For more information, visit