Data Backup & Recovery SOP Template

Action:

• Inventory all critical systems, databases, and file shares that require backup
• Classify data by recovery priority:
  • Tier 1 (Critical): Production databases, customer data, financial records — backup every 4-6 hours
  • Tier 2 (Important): Application servers, email, file shares — daily backup
  • Tier 3 (Standard): Development environments, archives — weekly backup
• Define Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for each tier
• Document the backup schedule in the monitoring system

Expected Outcome: Complete inventory of systems with assigned backup tiers and schedules

Action:

• Open your backup management console (Veeam, Acronis, AWS Backup, etc.)
• Create backup jobs for each system according to the schedule:
  • Select the source (server, database, VM, or file share)
  • Choose backup type: full, incremental, or differential
  • Set the destination storage (local NAS, offsite, or cloud)
  • Configure retention policy (e.g., 30 daily, 12 monthly, 7 yearly)
• Apply the 3-2-1 rule: 3 copies, 2 different media types, 1 offsite
• Enable encryption for all backup data at rest and in transit
• Set up email/Slack notifications for job success, warnings, and failures

Expected Outcome: All backup jobs configured, scheduled, and sending notifications

Action:

• Check the backup monitoring dashboard each morning
• Review overnight backup job results:
  • Confirm all scheduled jobs completed successfully
  • Check backup sizes match expected ranges (sudden drops may indicate issues)
  • Review any warnings or partial failures
• For any failed jobs:
  • Check error logs for the root cause
  • Resolve the issue (disk space, network, permissions, etc.)
  • Re-run the failed backup manually
  • Document the failure and resolution in the backup log
• Verify offsite/cloud replication completed within expected timeframes

Expected Outcome: All backups verified as successful or failures documented and resolved

Action:

• Select a different system each month for a full recovery test
• Perform the test restore in an isolated environment:
  • Restore a VM or server from the most recent backup
  • Verify the restored system boots and services start correctly
  • Check data integrity — compare file counts, database row counts, or checksums
  • Test application functionality on the restored system
• Record the recovery time and compare it against RTO targets
• Document any issues encountered during recovery
• Update procedures if recovery steps have changed

⚠️ Important: A backup that hasn't been tested is not a backup. Monthly recovery tests are essential to ensure your backups actually work.

Expected Outcome: Recovery test completed, time logged, and any issues documented

Action:

• When data loss is reported:
  • Assess the scope — which systems, how much data, when did the loss occur
  • Identify the most recent clean backup point (before the issue started)
  • Notify stakeholders of the estimated recovery time
• Begin the restore process:
  • For file-level recovery: restore specific files/folders from the backup
  • For full system recovery: restore the entire VM or server image
  • For database recovery: restore to the identified recovery point
• Verify the restored data:
  • Confirm data integrity and completeness
  • Test application functionality
  • Have the requesting team validate their data

Expected Outcome: Data restored to the most recent clean state, verified by the requesting team

Action:

• After any recovery event, complete a post-incident report:
  • Root cause of data loss
  • Time to detect the issue
  • Time to restore (compare against RTO)
  • Amount of data lost (compare against RPO)
  • Lessons learned and preventive measures
• Review backup storage capacity quarterly:
  • Check available storage space on all backup destinations
  • Archive or delete expired backups per retention policy
  • Plan capacity expansion if usage exceeds 70%
• Update this SOP with any process improvements

Expected Outcome: Incident documented, storage reviewed, and SOP updated with lessons learned