NIRMATA Playbook — Infrastructure Security (IS-Q12)

Question: Are infrastructure resilience and disaster-recovery capabilities tested, documented, and continuously improved?

Objective — Why This Matters
Resilience ensures the organization survives hardware, network, or cyber incidents with minimal downtime and data loss.
Maturity Levels (0 – 5)

0 — Unaware
No recovery plan; reliance on luck.

1 — Ad Hoc
Unstructured backups; no defined recovery objectives.

2 — Defined
Documented DR plan with RTO/RPO values.

3 — Managed
Periodic recovery drills and gap tracking.

4 — Integrated
Automated failover and monitoring dashboards.

5 — Optimized
Continuous testing with metrics-driven improvement.

From → To	Actions
0 → 1	Identify critical systems and capture manual recovery steps.
1 → 2	Document formal DR plan with objectives and owners.
2 → 3	Conduct annual recovery drills; record outcomes.
3 → 4	Automate failover and status dashboards.
4 → 5	Schedule quarterly tests with continuous improvement tracking.

People / Process / Technology Enablers
People – Business Continuity Manager, Infra Admins.
Process – DR plan review, test scheduling, corrective action tracking.
Technology – Rsync, DRBD, Kubernetes replication, Grafana.
Evidence Required
Approved DR plan, test results, corrective-action log.
Metrics / KPIs
• percentage of critical systems covered by DR plan
• number of successful recovery tests completed per year
• average recovery time vs defined RTO
Low-Cost / Open-Source Options (MSME)

Purpose	Tool	Notes
Replication	DRBD / Rsync / Restic	Sync critical data between sites.
Automation	Kubernetes / Ansible	Automate recovery scripts.
Monitoring	Grafana / Prometheus	Display failover health metrics.

Common Pitfalls
DR plans never tested; reliance on backups without restore validation.
Compliance Mapping

Standard	Clauses / Notes
ISO 27001	A.5.30 / A.8.13.
NIST CSF 2.0	RS.RP-1 / RC.IM-1.
CERT-In 2022	Annual DR testing requirement.
NIRMATA Scoring	IS-Q12 ≥ Level 4 requires automated failover validation.