Last updated: April 29, 2026
An Ahmedabad logistics company believed its disaster-recovery plan was sound — annual paper review, off-site backup tape rotation, documented procedures. When ransomware hit on a Saturday morning, the team discovered backup tapes from 6 weeks earlier (rotation had silently broken in the tape library), no functional DR site (the agreement had lapsed), and procedures referencing tools and people from three years ago. Recovery took 11 days; revenue loss was ₹12 crore. DR plans that have never been tested in anger are not plans — they are wishful documents. This module covers RTO, RPO, and how to build a DR programme that actually works.
Defining the targets
- RTO (Recovery Time Objective) — maximum acceptable time from disaster declaration to system back online
- RPO (Recovery Point Objective) — maximum acceptable data loss measured in time
- MTPD (Maximum Tolerable Period of Disruption) — beyond which the business itself is at risk
- WRT (Work Recovery Time) — time after RTO to re-validate data and resume normal operations
RTO and RPO must be set per system based on business impact. A core banking system might have RTO 1 hour / RPO 0; a marketing analytics system might have RTO 7 days / RPO 24 hours. Same RTO across the entire estate is wasted spend or unrealistic promises.
Get a free attack-surface review
We check what an attacker would see about your business — leaked credentials, exposed services, dark-web mentions. 30 minutes, no obligation.