The university’s Information Security Controls Requirements provide implementation guidance to improve your information security and address the risk objectives specified in the standards. IT01 Disaster Recovery aims to limit the negative impact of a disruptive event on IT operations and ensure timely access to information assets. This workshop uses example data for a fictional department to develop a baseline backup and disaster recovery plan that meets the requirements described in the IT01 Disaster Recovery Standard document. We’ll document a policy and build a process to classify data, perform backups, perform a test recovery, analyze errors logs, ensure encryption during transport and at-rest, securely store encryption keys, and maintain required disaster planning documentation. Learners can use the concepts from this workshop to evaluate their backup and disaster recovery plans through the lens of IT01.