Disaster Recovery Plan Management with SAMMY

Are all your disaster recovery plans up to par? Do they include everything they need to include? How can they be improved? Who is responsible for what? SAMMY can help you answer all of these questions and many more. Get clear visibility on the state of your disaster recovery plan.

What is a disaster recovery plan and why do you need them?

SAMMY uses the NIST guidance formulated in special publication 800-34 rev 1. Using the SAMMY logic we turned the 150 page guidance into a set of maturity measuring questions and scoring system. Thus you can map your activities to the guidance and identify gaps in your DRPs.

The default model in SAMM is OWASP SAMM. In order to start a DRP management instance you must login and go to scopes, there you create a DRP scope. Then you can enter this scope to enter DRP management mode.

Validation is done on an activity level. When done internally it is typically done by the person that is leading the overall assessment. He or she reviews the answers and the evidence presented, should he not be satisfied the activity returns to the assessment step with his comments. If the assessor approves, the activity moves to the improvement track. In some cases the validator may be an external expert. 

In SAMMY you have a quick overview of scores in the left navigation menu and there are more detailed scores in the reporting tab on top, these include:

• Overview of score per business function.
• Scores per practice.
• Scores per business function
• Comparison between scopes
• Historic growth per business function

Here you can also visualize the improvement roadmap and show the improvement targets. 

Sammy can automatically create a report which includes an overview of the state of the DRP and the roadmaps for improvement. 

You may have different DRPs with different scopes. However you define the scopes you can easily implement, compare and manage different scopes in SAMMY.