Disaster Recovery, Erwood Group, Page 4

Accreditation

Accreditation Definition(s): Formal declaration by a Designated Accrediting Authority (DAA) or Principal Accrediting Authority (PAA) that an information system is approved to operate at an acceptable level of risk, based

Acceptable Risk

Acceptable Risk Definition(s): The level of residual risk that has been determined to be a reasonable level of potential loss/disruption for a specific IT System. Source: NIST 800-16 A level

Maximum Tolerable Downtime (MTD) [MTD]

Maximum Tolerable Downtime (MTD) Definition(s): The amount of time mission/business process can be disrupted without causing significant harm to the organization’s mission. Source: NIST SP 800-34 Similar and Related to

Disaster Recovery Plan [DRP]

Disaster Recovery Plan (DRP) Definition(s): The management approved document that defines the resources, actions, tasks and data required to manage the technology recovery effort. Source: BCI/DRJ A written plan for

Disaster Recovery [DR]

Disaster Recovery (DR) Definition(s): The Strategies and plans for recovering and restoring the organization’s technological infra-structure and capabilities after a serious interruption. Source: BCI The process, policies and procedures to

Recovery Time Objective [RTO]

Recovery Time Objective (RTO) Definition(s): Time goal for the restoration and recovery of functions or resources based on the acceptable downtime and acceptable level of performance in case of a

Maximum Allowable Downtime [MAD]

Maximum Allowable Downtime (MAD) Definition(s): The absolute maximum time that the system can be unavailable without direct or indirect ramifications to the organization. Source: BCM Institute The maximum time a