An area of security planning that aims to protect an organization from the effects of significant negative events. It involves policies, tools, and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery strategies typically include data backup and recovery, systems fail-over, and site redundancy.