What is RPO (Recovery Point Objective)?
RPO stands for Recovery Point Objective – the maximum time window during which data may be lost in an incident, without unacceptable impact on the organisation.
How much data can you afford to lose at most in a crash or cyber attack?
🕒 Example
If you have an RPO of 15 minutes for a production environment, this means that you:
- Take backups or replicate regularly (at least every 15 minutes)
- In the event of an incident, may lose only the last 15 minutes of data at most
- Consider any greater loss to be unacceptable
📊 RPO vs. RTO vs. backup frequency
| Term | Description |
|---|---|
| RPO | Recovery Point Objective – the maximum amount of recent data you can afford to lose |
| RTO | Recovery Time Objective – how quickly your systems must be back up |
| Backup frequency | Must align with the RPO: the more often you back up, the less data you lose |
🏭 Specifically in OT environments
In industrial networks, the RPO is often critical for process monitoring:
- Historical data from sensors or SCADA is often unrecoverable once lost
- An RPO of 0 minutes requires real-time replication or high-availability solutions
- For HMI configurations or PLC backups, you don’t want to lose any change
Examples:
- An RPO of 0 minutes for operator settings in a batch process
- An RPO of 5 minutes for alarm logs
- An RPO of 30 minutes for reporting environments
📌 In summary
The RPO determines how far back in time you can recover data after an incident. The lower the RPO, the less data you lose – but the higher the demands on your Backup and Disaster Recovery architecture.