In a recent article, Zach Church described how difficult it is for CIO's to get disaster recovery funding, particularly in these difficult economic times. That certainly has been my experience. The result is that many companies have well-thought out disaster recovery plans that have never been fully implemented, leaving the organization with a false sense of security.

When it comes to outsourcing, however, the problem becomes even more interesting. Outsourcing providers are often asked to comply with the customer's disaster recovery plan. Failure to do so is often considered a material breach of the agreement. Of course, this disaster recovery comes at a price - a price that is often imposed upon the business unit (rather than IT). Needless to say, customers often choose the lowest-cost option, which is generally relocation within the building or building complex.

Of course, this cost would have been viewed as a savings - if the customer had ever implemented the plan as written. However, since budget dollars are rarely allocated to DR implementation - and even when implemented, are often paid through the IT budget, the line item for disaster recovery is usually an unwelcome surprise for most customers.

The result is that many companies continue to function without meaningful disaster recovery. Thus, should disaster strike, many companies will not be able to recreate their lost information and many billions will be lost.