Q: What are the estimated recovery times (RTO/RPO)?

• Related Articles

• Q: Is there a documented Disaster Recovery Plan?

  A: Yes. A documented and tested Disaster Recovery Plan (DRP) exists, aligned with Azure Site Recovery (ASR) best practices. The DRP defines escalation paths, responsibilities, and technical procedures for service restoration.

• Q: How frequently are backups performed?

  A: Automated backups run daily for databases and virtual machines, with transaction log backups at shorter intervals where applicable. Configuration and infrastructure-as-code repositories are continuously version-controlled.

• Q: Where are they stored (physical location or cloud)?

  A: Backups are stored in Azure Storage accounts with geo-redundant storage (GRS), ensuring replication to a paired Azure region within the EU.

• Q: Is there any technical documentation available regarding compliance?

  A: Yes. Microsoft provides compliance documentation and audit reports through the Azure Trust Center and Service Trust Portal. System-specific compliance documentation (GDPR measures, security configuration, and policies) can be shared under NDA.

• Q: Are they encrypted and replicated across different locations?

  A: Yes. All backups are encrypted at rest with Azure Storage Service Encryption (AES-256) and replicated across geographically separated data centers within the EU. Data in transit is always encrypted via TLS/SSL.