MTO and RTO are integral parts of disaster recovery planning, but they can also be used outside of that context. To recap on their definitions, MTO (Maximum Tolerable Outage) is the maximum amount of time that a process or facility can be unavailable before significant disruption and/or financial loss occurs to an organisation. RTO (Recovery Time Objective) is the organisation’s goal for getting back to a normal situation in the event of an outage. In DR planning, RTO is normally less than MTO – otherwise, disasters could officially occur even though objectives were being met.
However some situations of outage or unavailability are brought about deliberately. IT server migration is one instance. MTO and RTO are as relevant for planned outage as for unpredictable disaster. They can be used to help contain unavailability and prevent it from becoming a catastrophe. The server migration itself may be taking place in order to move an organisation away from situations likely to compromise its business continuity: for example, migration from servers that are underpowered, outdated or out of warranty; servers being moved into a virtualisation environment under VMware or similar; or simply servers being moved from one physical location to another.
Planned outage then also expands the possibilities for the relative priorities of MTO and RTO. It’s possible for instance that the planned server migration has a realistic RTO of 5 hours, whereas under normal operating conditions, the MTO might only be 1 hour. In that case, an organisation might choose from one of the following: to plan the migration outside of normal operating hours; to change the way that the migration is done; or to do the migration regardless of the mismatch between RTO and MTO. This last option may still be less expensive than paying overtime, the consequences of a server finally crashing, or a combination of two.