Time is running out as the Digital Operational Resilience Act (DORA), which came into force in 2023, will apply from 17th January 2025. This isn’t just another deadline on the calendar; it marks the introduction of a new set of data protection and recovery standards that promise to change the UK financial industry.
The new rules impose stricter regulations on operational resilience and recovery capabilities. These regulations are designed to strengthen the financial sector, ensuring that consumers remain protected and businesses can operate with stability. Any disruption in operations can harm consumers, put companies at risk, create problems for the UK’s financial services sector, and damage the UK economy.
Failing to meet the new standards could result in significant financial penalties. You probably want to be sitting down while reading the consequences.
By focusing on best practices and preparedness IT leaders can ensure their operations are able to stay resilient even in the event of severe operational disruption and, almost as importantly, meet the legal requirements.
Who’s responsible for it?
Ownership of the backup and recovery process often falls between multiple departments—IT infrastructure teams, database administrators, and sometimes external vendors. However, the ultimate responsibility lies with the organisation’s IT leadership. IT managers, senior system engineers, and CIOs must ensure the right resources, tools, and procedures are in place.
When something goes wrong, it’s important to know who is in charge of fixing it. Having a clear ownership plan helps ensure that people are accountable for their actions. Teams must communicate to ensure that everything goes according to plan when there’s a problem, and they should practice and prepare for different recovery scenarios.
What happens when it all goes wrong?
Failures can and do happen. Hardware malfunctions, human errors, software glitches, or even natural disasters can lead to system downtime or data loss. The consequences of a poorly executed or missing backup can be catastrophic, ranging from operational disruptions to severe financial losses and damage to your company’s reputation.
Common failure scenarios include:
- Logical data corruption caused by application program errors.
- Hardware failures such as central electronic complex (CEC) failures and disk subsystem failures
- Human errors like taking disks offline, deleting datasets, executing incorrect recovery procedures
- Database failures resulting in logical data corruption caused by system software or coupling facility control code defects
The question isn’t whether something will go wrong, it’s when, and how prepared your organisation is to respond.
How You Can Avoid It Going Wrong
The key to preventing backup and recovery issues is proactive planning. By implementing best practices and following strict procedures, you can greatly reduce the risk of a recovery crisis.
Some steps IT leaders can take to avoid data loss include:
- Building and maintaining a ‘stale’, critical function copy of the production database to continue business in the event of logical data corruption.
- Having the capability to create an on-demand forensic copy of the production database to diagnose and resolve logical data corruption while continuing to transact business
- Developing and maintaining optimised full database recovery procedures, both for recovery to current and, in extreme cases, to a point in time.
What to Do When a Recovery is Required
When disaster strikes, it’s important to have a step-by-step recovery process that your team can follow. A pre-prepared, tested, and optimised recovery plan complete with recovery jobs and post-recovery validation enables quick action with minimal disruption. The best backup strategy is useless if it’s not properly executed and maintained. Regular testing will validate your backup plan, identify opportunities for futher optimisation, flush out any errors and familiarise your SMEs with the recovery process. Test recovery plans regularly and update strategies as the business and technology change.
Cost vs Risk
IT leaders must balance investment in backup and recovery against the potential cost of data loss and downtime. Partnering with Db2 and backup solution providers like Triton Consulting can help you stay ahead of evolving threats and needs.
Get ready to adapt because the countdown to the Digital Operational Resilience Act is on and the implications could be game-changing! Learn more about how we can assist you in meeting the FCA compliance deadline on March 31, 2025. Email us at enquiries@triton.co.uk, tel: +44 (0)870 2411 550 or visit our Contact us page and complete the form.