Which non-binding agreement is typically used in disaster recovery scenarios to back up data with another party?

In disaster recovery planning, having a partner to back up data offsite is a common way to ensure resilience. A reciprocal agreement is a mutual arrangement where two organizations agree to assist each other, typically by backing up or hosting each other’s data and providing DR support if one side experiences a disruption. Because it’s non-binding, it often takes the form of an informal understanding (an MOA or similar), offering flexibility while still ensuring both parties have access to backups when needed. This fits the scenario because the emphasis is on a cooperative, offsite data-backup setup rather than a formal, binding contract or a framework.

The other options don’t match this use case. The Cloud Security Alliance STAR program is about evaluating cloud security practices, not establishing mutual data-backup agreements. CMMI focuses on process maturity and improvement, not disaster recovery partnerships. NIST CSF provides a broad cybersecurity risk-management framework, including recovery activities, but it doesn’t specify non-binding reciprocal data backup arrangements with another party.