Better IT Disaster Recovery and Procedures to Improve Response after Computer Crime

Author

Allan Eduardo Arroyo-Melendez, Walden UniversityFollow

Date of Conferral

1-29-2026

Date of Award

January 2026

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Dana Haywood

Abstract

A lack of an effective disaster recovery plan (DRP) can negatively impact business outcomes following a cyberattack. Information technology (IT) managers are concerned that the lack of DRP may increase the risk of ransomware, fines, and public distrust. Grounded in the unified theory of acceptance and use of technology, the purpose of this qualitative pragmatic inquiry study is to explore strategies that some IT managers use to implement a DRP. The participants are four IT managers in the southeast United States. Data were collected through semistructured interviews and a review of publicly available documents. Through thematic analysis, three themes were identified: (a) implementation during attack, (b) continuous training, and (c) implementation constraints. The key recommendations are that organization should include DRP into their cybersecurity strategy to allow recovery and continuing operations after a cyberattack. The implication for positive social change is that these strategies may enable the continuation of critical services in facilities such as hospitals, helping to prevent life-threatening situations during a disaster.

Recommended Citation

Arroyo-Melendez, Allan Eduardo, "Better IT Disaster Recovery and Procedures to Improve Response after Computer Crime" (2026). Walden Dissertations and Doctoral Studies. 19015.
https://scholarworks.waldenu.edu/dissertations/19015