Template: Disaster Recovery Test Protocol
Instructions
Documents the regular effectiveness review of DR capability under §30(2) No. 3 BSIG. At least annually, semi-annually for critical systems.
Test Master Data
| Field | Value |
|---|---|
| Test ID | DR-YYYY-XXX |
| Test type | [ ] Tabletop [ ] Walkthrough [ ] Simulation [ ] Full failover |
| Date | [Date] |
| Duration | [Start – end] |
| Test lead | [Name] |
| Observers | [List] |
| Systems tested | [List] |
| Scenario | [Description of simulated incident] |
RTO/RPO Targets
| System | RTO target | RPO target | Actual RTO | Actual RPO | Passed |
|---|---|---|---|---|---|
| [ ] | |||||
| [ ] |
Test Sequence
| Time | Action | Owner | Result |
|---|---|---|---|
Observations
| Category | Observation | Severity |
|---|---|---|
| Technical | [Low/Medium/High] | |
| Process | [Low/Medium/High] | |
| Communication | [Low/Medium/High] | |
| Documentation | [Low/Medium/High] |
Assessment
| Criterion | Result |
|---|---|
| RTO met | [ ] Yes [ ] No |
| RPO met | [ ] Yes [ ] No |
| Data integrity confirmed | [ ] Yes [ ] No |
| Communication chains functional | [ ] Yes [ ] No |
| Escalation functional | [ ] Yes [ ] No |
| Overall assessment | [ ] Passed [ ] Passed with conditions [ ] Failed |
Actions
| Finding | Action | Owner | Target date |
|---|---|---|---|
Approval
| Name | Date | |
|---|---|---|
| Created by | ||
| Reviewed by (CISO) | ||
| Acknowledged by (Management) |
Notes
- The next DR test is due no later than 12 months after this test
- "Failed" requires a re-test within 30 days
- The protocol is archived for at least 3 years