NIST SP 800-34-Based Disaster Recovery Plan Framework for the National Committee for Sharia Economics
DOI:
https://doi.org/10.59261/jequi.v8i3.340Keywords:
Disaster Recovery Plan, Business Continuity, Risk Assessment NIST SP 800-34Abstract
Background: In today’s digital era, information technology (IT) infrastructure is critical to organizational operations, making Disaster Recovery Planning (DRP) essential for business continuity. Institutions managing strategic data assets, such as KNEKS, must address risks from disasters, cyberattacks, and infrastructure failures during PDES development.
Objective: This study aims to identify KNEKS’s disaster recovery requirements under current and future PDES conditions and to develop a comprehensive DRP framework based on NIST SP 800-34.
Methods: A qualitative case study approach was employed using NIST SP 800-34 Rev. 1 as the primary framework, complemented by FIPS 199, SNI ISO 31000, and NIST SP 800-53. Data were collected through semi-structured interviews with IT managers and system administrators, supported by document analysis. Triangulation and member checking were used to ensure validity.
Results: The assessment revealed significant gaps in disaster recovery readiness, particularly in formalized policies, technical redundancy, and impact analysis procedures. Based on these findings, a tailored DRP framework was developed, incorporating activation, recovery, and reconstitution phases while maintaining scalability for future PDES expansion.
Conclusion: A comprehensive NIST SP 800-34-based DRP is essential to ensure KNEKS’s operational continuity. The proposed framework offers a structured and scalable approach to disaster recovery and provides a practical model for emerging public-sector, data-intensive institutions.
Downloads
References
Ahmad, A., Alshurideh, M., Al Kurdi, B., Aburayya, A., & Hamadneh, S. (2021). Digital transformation metrics: a conceptual view. Journal of Management Information and Decision Sciences, 24(7), 1–18.
Al Hassan, L. K. M. (2017). Information technology disaster recovery plan (IT DRP) framework–A study on IT continuity for smart city in Abu Dhabi smart government. The British University in Dubai.
Alifian, M. H., & Priharsari, D. (2021). Penyusunan Disaster Recovery Plan (DRP) menggunakan framework NIST SP 800-34 (Studi kasus pada perusahaan IT Nasional). Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 5(10), 4673–4679. https://j-ptiik.ub.ac.id/index.php/j-ptiik/article/view/10056
Almutawa, E. (2026). An investigative study into operational leadership’s disaster recovery (DR) planning at Dubai Civil Defence (DCD). University of Gloucestershire.
Arroyo-Melendez, A. E. (2026). Better IT Disaster Recovery and Procedures to Improve Response After Computer Crime. Walden University.
Ashrafi, R., & AlKindi, H. (2022). A framework for IS/IT disaster recovery planning. International Journal of Business Continuity and Risk Management, 12(1), 1–21. https://doi.org/10.1504/IJBCRM.2022.121645
Cedergren, A., Hassel, H., & Vallin, L. (2026). The Cost of Adaptability: Exploring the Dual Nature of Adaptive Capacity Through a Healthcare Case Study. Journal of Contingencies and Crisis Management, 34(2), e70178.
Craven, E., & Tomlinson, S. (2026). Contingency planning in farm practice. In Practice, 48(1), 8–17.
Creswell, J. W., & Creswell, J. D. (2018). Research Design: Qualitative, Quantitative, and Mixed Methods Approaches (5th ed.). SAGE Publications.
Dearniwati, E., Nurlette, G. A., Anwar, S., & Purwanto, H. (2025). Preparation of IT Disaster Recovery Plan (DRP) using NIST SP 800-34 Framework (Case Study: PT Pamapersada Nusantara, Jakarta). Eduvest-Journal of Universal Studies, 5(1), 954–962.
Dwi Pamungkas, E., Fatonah, N. S., Firmansyah, G., & Akbar, H. (2023). Disaster Recovery Plan analysis based on the NIST SP 800-34 framework (Case study: PT Wijaya Karya (Persero) Tbk.). Jurnal Indonesia Sosial Sains, 4(9), 936–947. https://doi.org/10.59141/jiss.v4i09.879
Epstein, B., & Khan, D. C. (2014). Application impact analysis: A risk-based approach to business continuity and disaster recovery. Journal of Business Continuity & Emergency Planning, 7(3), 230–237.
Ferrer, J. P., & Mandigma, M. B. S. (2026). Relationship of Perceived Organizational Support and Organizational Commitment on the Business Continuity Management of Selected Philippine Financial Shared Services Companies. Review of Integrative Business and Economics Research, 15(3), 459–476.
Hassel, H., & Cedergren, A. (2021). Integrating risk assessment and business impact assessment in the public crisis management sector. International Journal of Disaster Risk Reduction, 56, 102136. https://doi.org/10.1016/j.ijdrr.2021.102136
Hendaryatna, H., Firmansyah, G., Tjahjono, B., & Widodo, A. M. (2023). Performance evaluation of business continuity plan in dealing with threats and risks in Cilegon companies use ISO 22301:2019 & NIST SP 800-30 R1 frameworks case study: PT. X. Asian Journal of Social and Humanities, 1(12), 1159–1174. https://doi.org/10.59888/ajosh.v1i12.120
Kesa, D. M. (2023). Ensuring resilience: Integrating IT disaster recovery planning and business continuity for sustainable information technology operations. World Journal of Advanced Research and Reviews, 18(3), 970–992.
Lubis, M., Luthfi, M. I., Saedudin, R. R., Muttaqin, A. N., & Lubis, A. R. (2026). The Integration of ISO 27005 and NIST SP 800-30 for Security Operation Center (SOC) Framework Effectiveness in the Non-Bank Financial Industry. Computers, 15(1), 60.
Mohamed, H. (2014). A proposed model for IT disaster recovery plan. International Journal of Modern Education and Computer Science.
Rambharose, R. (2026). Theorising Recognition of Prior Learning Research in Higher Education: A Multidisciplinary Framework for Qualitative, Quantitative, and Mixed-Methods Inquiry. International Journal of Qualitative Methods, 25. https://doi.org/10.1177/16094069251404325
Saleem, K. (2008). Towards a business continuity information network for rapid disaster recovery.
Sawalha, I. H. (2021). Views on business continuity and disaster recovery. International Journal of Emergency Services, 10(3), 351–365.
Singh, A., & Alshammari, M. (2023). Advancing, empowering, and reshaping Saudi society through integrating e-learning technology into higher education. Int. J. Adv. Appl. Sci, 10, 178–187.
Singh, H. P., Alshammari, K., & Singh, H. P. (2021). Impacts of Digital technology-enabled personalized and adaptive learning on student learning performance: A TOE framework for Saudi Arabia. & Applied Sciences & Technologies, 12(13), 1–12.
Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newnes.
Stamenkov, G. (2025). Cloud service models, business continuity and disaster recovery plans, and responsibilities. International Journal of Organizational Analysis, 33(3), 437–451. https://doi.org/10.1108/IJOA-12-2023-4127
Supriyanto, A., Aknuranda, I., & Putra, W. H. N. (2019). Penyusunan Disaster Recovery Plan (DRP) berdasarkan framework NIST SP 800-34 (Studi kasus: Departemen Teknologi Informasi PT Pupuk Kalimantan Timur). Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 3(8), 8212–8219. https://j-ptiik.ub.ac.id/index.php/j-ptiik
Suresh, N. C., Sanders, G. L., & Braunscheidel, M. J. (2020). Business continuity management for supply chains facing catastrophic events. IEEE Engineering Management Review, 48(3), 129–138.
Swanson, M., Bowen, P., Phillips, A. W., Gallup, D., & Lynes, D. (2010). Contingency planning guide for federal information systems. NIST Special Publication, 800–834.
Tatineni, S. (2023). Cloud-based business continuity and disaster recovery strategies. International Research Journal of Modernization in Engineering, Technology, and Science, 5(11), 1389–1397.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Khalil Mojadidi, Abba Suganda Girsang

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike 4.0 International (CC-BY-SA). that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.



