Non-functional Requirement - Logical Recoverability

Category: Recoverability

Context: Logical

Goals: When an IT system becomes unavailable because of a modification of business data outside of normal business processes, the system must be recoverable to a pre-failure state within a pre-established elapsed time, and with an acceptable data loss. The recovered IT system must be capable of meeting all pre-failure functional and non-functional requirements.

Rationale: If the availability or integrity of the system is sufficiently critical, the system must be capable of being recovered from such a modification of business data within a reasonable time frame and to a state functionally identical to the pre-failure state.

Requirement: Modification of business data outside of normal business processes shall not cause user-detectable loss of business functionality for an elapsed time greater than Metric (the recovery time objective). After an elapsed time no longer than Metric, users shall be able to resume business functionality with data loss of no more than Metric (the recovery point objective).

Level A:

A1. No more than the most recent one (1) hour of data modifications will be lost.

Level B:

B1. The user-detectable loss of business functionality will last no more than one business day.
B2. No more than the most recent one (1) business day of data modifications will be lost.

Level C:

C1. The IT system must have a defined and published recovery point objective (RPO) and recovery time objective (RTO).

Level D:

D1. The recovered IT system will meet all pre-failure functional and non-functional requirements.

Scale: Elapsed time, availability: Duration. Elapsed time, data loss: Duration

Stakeholders: IT System Managers, Operations, System Users

Implications: If this requirement is not met, the organization will incur significant risk of extended loss of business functionality in the event of unplanned, failed or unauthorized data modifications.

Applicability: See Enterprise Requirements Framework

Tags: Recovery, Logical, Configuration

Status: Approved, Requirement

Author: <Author>

Revision: <Revision>

Note:

Incorporates the traditional concepts of database point-in-time recovery, file system snapshots and daily backups. A system's RPO is derived from this and other requirements.

This NFR is intended to ensure that the system is designed so that, after its data has been modified outside of normal business processes (e.g. logical file system or database corruption, poor configuration management, or unauthorized data modification by internal or external parties), the data managed by the system can be recovered to its state at a point in time prior to the modification. Because a snapshot or backup taken after the modification already contains it, the usable recovery point must predate the modification, and recovery points must be retained for at least as long as it takes to detect such a modification.
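As an added example (not part of the NFR text or of any referenced system), the following Python selects the recovery point for such an event and measures the resulting data loss against the Level A and Level B limits above. Only points still retained at detection time and taken strictly before the bad modification are treated as restorable. The schedule of recovery points, the retention period, the timestamps and the names Assessment, assess_recovery, periodic_points and scenarios are all constructed for the example, and Level B's "one business day" is approximated as 24 elapsed hours.

```python
"""Recovery-point selection for a logical-corruption event (added example).

Assumptions (not from the NFR): recovery points are identified only by
timestamp, points older than the retention period have been pruned by the
time the corruption is detected, and Level B's one business day is treated
as 24 elapsed hours.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Sequence

# Data-loss limits from Level A (A1) and Level B (B2) above.
LEVEL_A_MAX_LOSS = timedelta(hours=1)
LEVEL_B_MAX_LOSS = timedelta(days=1)   # "one business day", approximated


@dataclass(frozen=True)
class Assessment:
    recovery_point: Optional[datetime]  # newest restorable point, None if none survives
    data_loss: Optional[timedelta]      # legitimate changes between that point and the bad one
    contaminated: int                   # retained points that already contain the bad change
    meets_level_a: bool
    meets_level_b: bool


def assess_recovery(points: Sequence[datetime], corrupted_at: datetime,
                    detected_at: datetime, retention: timedelta) -> Assessment:
    """Choose the recovery point and check it against the NFR levels.

    Only points still held at detection time are candidates, and only those
    taken strictly before the bad modification are restorable: a snapshot or
    backup taken at or after it already carries the corruption, so restoring
    it would reproduce the failure instead of recovering from it.
    """
    retained_since = detected_at - retention
    retained = sorted(p for p in points if retained_since <= p <= detected_at)
    clean = [p for p in retained if p < corrupted_at]
    contaminated = len(retained) - len(clean)
    if not clean:
        # Detection took longer than retention: every surviving point is bad.
        return Assessment(None, None, contaminated, False, False)
    recovery_point = clean[-1]
    loss = corrupted_at - recovery_point
    return Assessment(recovery_point, loss, contaminated,
                      loss <= LEVEL_A_MAX_LOSS, loss <= LEVEL_B_MAX_LOSS)


def periodic_points(start: datetime, end: datetime, every: timedelta) -> list:
    """Constructed schedule: one recovery point every `every`, from start to end inclusive."""
    out, t = [], start
    while t <= end:
        out.append(t)
        t += every
    return out


def scenarios() -> dict:
    """Three constructed cases for the same corrupting change at 10:20 on 4 March."""
    corrupted_at = datetime(2024, 3, 4, 10, 20)
    start = datetime(2024, 3, 1, 0, 0)
    retention = timedelta(days=7)
    hour, day = timedelta(hours=1), timedelta(days=1)

    # Hourly snapshots, found two days later: the 10:00 snapshot is restorable.
    prompt = datetime(2024, 3, 6, 9, 0)
    hourly_prompt = assess_recovery(periodic_points(start, prompt, hour),
                                    corrupted_at, prompt, retention)

    # Daily 02:00 backups, found the next morning: loss exceeds Level A, fits Level B.
    next_day = datetime(2024, 3, 5, 9, 0)
    daily_prompt = assess_recovery(periodic_points(start + timedelta(hours=2), next_day, day),
                                   corrupted_at, next_day, retention)

    # Hourly snapshots, but found ten days later: retention (7 days) is shorter
    # than the detection lag, so no clean point is left to restore.
    late = datetime(2024, 3, 14, 9, 0)
    hourly_late = assess_recovery(periodic_points(start, late, hour),
                                  corrupted_at, late, retention)

    return {"hourly_prompt": hourly_prompt, "daily_prompt": daily_prompt,
            "hourly_late": hourly_late}


if __name__ == "__main__":
    for name, a in scenarios().items():
        print(f"{name}: recovery point {a.recovery_point}, loss {a.data_loss}, "
              f"{a.contaminated} contaminated point(s), "
              f"Level A {'met' if a.meets_level_a else 'NOT met'}, "
              f"Level B {'met' if a.meets_level_b else 'NOT met'}")
```

The third scenario is the one worth carrying into design reviews: a snapshot schedule that comfortably satisfies the one-hour data-loss limit still fails the requirement outright if retention is shorter than the time it takes to notice the corruption, because every retained point already includes the bad data. Retention therefore has to be sized from expected detection latency, not only from the RPO.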

For more information, see NFR Summary