Business Continuity & Disaster Recovery Plan

Verification Expired

Updated today

โ€ข

2 min read

Purpose

Document how Perfect Wiki keeps the service running through disruptions and how it recovers when underlying infrastructure or processes fail.

Scope

The Perfect Wiki SaaS service, its production data, and its core business operations.

Recovery objectives

  • Recovery Time Objective (RTO): 24 hours for restoring service availability after a SEV1 outage.
  • Recovery Point Objective (RPO): 24 hours โ€” restoration from the most recent daily backup is acceptable as a worst case.

Resilience controls

  • Managed cloud services. Production runs on Google Cloud managed services (Firestore, Cloud Storage, Pub/Sub) that provide multi-zone redundancy within each region.
  • Stateless application servers. Containers can be redeployed quickly from the latest image; configuration is held in environment variables provisioned outside the image.
  • Edge protection. Cloudflare provides TLS termination and DDoS protection.
  • Daily encrypted backups of customer data with up to 60-day retention.
  • Backups of high-value (Enterprise / Ultimate) channels additionally produce point-in-time HTML and PDF archives on a scheduled cadence.

Disaster scenarios & response

  • Application outage (code defect): Roll back to the previously deployed container image; investigate per Incident Response Plan.
  • Database corruption / accidental deletion: Restore the affected scope from the most recent daily backup. For single-customer recovery, contact [email protected]; the team can restore a copy of the customer's wiki created the day before the failure.
  • Regional GCP outage: Wait for Google Cloud to recover the region; communicate via the status page. For Enterprise customers with pinned residency, recovery is bound to the chosen region.
  • Loss of access to key personnel: Backup admin credentials and recovery codes are kept in secure storage accessible to the CEO/CTO's designated successor as documented in business continuity records.
  • Vendor outage (Azure OpenAI, Algolia, Qdrant, etc.): Graceful degradation โ€” core wiki functionality remains available; affected features are temporarily disabled and announced on the status page.

Testing

  • A backup restoration drill is performed at least annually using a non-production environment, with documented evidence retained.
  • This plan is reviewed annually and after any incident that invokes it.

Roles & responsibilities

  • CEO/CTO: Owns this plan, declares disasters, leads recovery.

Review cadence

Reviewed annually.

Related Articles

Was this page helpful?