A Disaster Recovery Plan (DRP) outlines the procedures for restoring an

organization's IT infrastructure and operations in the event of a significant disruption. A

critical component of a DRP is the order of restoration for critical systems, ensuring

that the most essential services are brought back online first to minimize business

impact. This aligns precisely with the document described in the question.

· A. Communication plan: This plan focuses on how, what, and with whom to

communicate during and after an incident, not the technical sequence of system

recovery. According to NIST SP 800-34 Rev. 1, communication is a part of the overall

contingency planning, but the specific document for system restoration order is the

DRP.

· B. Incident response plan: An Incident Response Plan (IRP) provides procedures for

responding to and managing security incidents like cyberattacks or data breaches.

While recovery is a phase in incident response, the detailed sequence of bringing all

critical systems back online after a major outage (disaster) is the core of a DRP, as per

NIST SP 800-61 Rev. 2.

· C. Data retention policy: This policy dictates how long data must be kept and how it

should be disposed of. It does not address the restoration sequence of IT systems after

an outage.

1. National Institute of Standards and Technology (NIST) Special Publication 800-

34 Rev. 1, "Contingency Planning Guide for Federal Information Systems"

o URL: https://doi.org/10.6028/NIST.SP.800-34r1

o Relevant Section: Section 3.3.3, "Recovery Phase," discusses restoring

information system operations at an alternate location and recovering information

system operations at the original or new site. Appendix G, "Sample Disaster Recovery

Plan," typically includes restoration priorities. Specifically, page 30 (PDF page 38)

states, "The DRP should also identify critical success factors and a prioritized list of IT

systems and functions to be recovered."

2. National Institute of Standards and Technology (NIST) Special Publication 800-

61 Rev. 2, "Computer Security Incident Handling Guide"

o URL: https://doi.org/10.6028/NIST.SP.800-61r2

o Relevant Section: Section 2.3.2, "Incident Response Policy, Plan, and Procedure,"

and Section 3.4, "Recovery." While incident response includes recovery, the detailed

order of bringing critical systems back online after a major outage (disaster scenario)

is more specific to a DRP. The IRP focuses more on containment, eradication, and

recovery from the incident itself.

3. Valacich,

J. S., & George,

J. F. (2020). Modern Systems Analysis and Design

(9th ed.). Pearson. (Reputable academic publisher, analogous to university

courseware)

o Relevant Chapter/Section: Chapter 15, "Maintaining Information Systems." This

chapter typically covers business continuity and disaster recovery. Disaster recovery

plans explicitly include "procedures for rebuilding or restoring critical systems."

(Specific page numbers can vary by edition, but the concept is standard in DRP

discussions). The focus is on a "prioritized list of applications" for restoration.