What's a recovery point objective?
Along with a recovery time objective , a recovery point objective is one of the primary tools for establishing a disaster recovery plan or a data protection plan. It’s also a tool for helping an enterprise select the data backup plan that meets its needs.
Recovery point objectives and recovery time objectives establish the foundation for determining and discerning strong inclusion strategies for the business continuity plan. These strategies should allow for the speedy resumption of business processes within a time frame equal to or close to the RPO and RTO.1
Although they’re both tied into determining disaster recovery, a recovery point objective must remain independent of an recovery time objective or the minimum estimated time needed to restore regular operations following a system or network failure.
Like recovery time objectives, recovery point objectives helps determine disaster recovery policies and procedures. The recovery point objective helps administrators choose the best backup and recovery technologies to use, depending on the overall design strategy that data loss shouldn’t delay the recovery time objective.
How’s a recovery point objective different from an recovery time objective?
Both recovery point objectives and recovery time objectives are concepts used for supporting business continuity. They also work as business metrics and can help you calculate how often your business should perform data backups.
Recovery point objectives and recovery time objectives are instrumental to a business’ disaster recovery plan or data protection plan. They’re both linked to business impact analysis, a systematic process that can help separate critical and urgent organization-specific functions and activities from non-critical and non-urgent ones. Functions can be considered critical if specified by law.
A recovery point objective and recovery time objective are the two values that are assigned for each function. Whereas a recovery point objective determines how much data will or will not be recovered after a disruption, recovery time objective determines how much time it takes for a system to transition from disruption to regular operations functioning normally.
How’s a recovery point objective calculated?
Recovery point objectives go backwards in time, stretching back from the instance of disruption to the last backup point where the data is usable. They can also measure how often you should regularly back up your data.
In terms of calculation, recovery point objectives are usually calculated in minutes or hours but, depending on the urgency or lack thereof, they can also be calculated in seconds or days. A recovery point objective determines how far back into the data’s history you need to go for backup storage to resume normal operations after a computer, system, or network experiences disruption from a hardware, program, or communications failure.2
A recovery point objective can also be considered the maximum acceptable amount of data loss that’s measured in time. In addition, it can describe how much time passes during a disruption before the amount of data lost during the period of disruption extends beyond the business continuity plan’s maximum allowable “tolerance” or threshold.
For example, if a computer system has a recovery point objective of 30 minutes, that means that the maximum window for data loss following a disruption is 30 minutes. Therefore, a backup of the system must be performed every 30 minutes.
When should you schedule data backups for a recovery point objective?
Recovery point objectives are often easier to perform than recovery time objectives. The reason is because data use provides few variables and is generally consistent. However, the opposite can also be true since calculating restore times is usually based on your whole operation and not just your data.
When the disruption happens is also a factor in the restore time. When constructing your data backup schedule, consider what hours your business is the busiest and least busy. For example, if you have a disruption at 3 AM Eastern Standard Time and IT resolves the disruption by 5 AM, did you lose two hours’ worth of data? If this timeframe is a low-traffic period for your business, then probably not.
For another example, let’s say your business backs up its data every 10 hours. There’s a disruption at noon and it’s quickly resolved with your business back to normal by 12:30 PM. Because there was only a 30-minute window of data loss from 12 PM until 12:30 PM, you don’t need to restore all the data from the previous 10 hours. You only need to restore data from the lost 30 minutes.
Disaster recovery and disaster recovery plans
Not to be confused with emergency management and disaster response, disaster recovery deals with IT infrastructure and systems in support of important business processes. Disaster recovery is a subset of business continuity, which works to maintain all vital aspects of a business despite any disruption.
Disaster recovery includes the policies, tools, and procedures that compose the eponymous restoration or continuation of critical technology infrastructure and systems after a natural or manmade disaster has occurred.
A disaster recovery plan is the process or set of procedures that help restore and protect an organization’s IT infrastructure and systems following a disaster.3 This process can be expanded to take place before and during a disaster.4
- Jaspreet Singh. Understanding RPO and RTO, Druva, September 2019.
- Recovery Point Objective (RPO), Techopedia, 11 November 2011.
- Bill Abram. 5 Tips to Build an Effective Disaster Recovery Plan, Small Business Computing, 14 June 2012.
- Geoffrey H. Wold. Disaster Recovery Planning Process, Disaster Recovery Journal, Adapted from Volume 5 #1. Disaster Recovery World. Archived from the original on 15 August 2012.