What are RTO and RPO?
The RTO (Recovery Time Objective) and RPO (Recovery Point Objective) are two quantified objectives that structure recovery after an incident. They translate a strategic question into concrete values: how much downtime and how much data loss can an activity withstand?
The RTO is a duration: the target time between a service interruption and its restoration. The RPO is also a duration, but measured the other way: the maximum gap between the last usable backup and the moment of the incident, that is the data you are willing to lose.
Why it matters for your organization
RTO and RPO turn a vague intention ("recover fast") into measurable requirements that size the technical architecture and the budget. Without them, you invest blindly, either too much or too little.
They also serve as an implicit contract between IT and the business: everyone knows what is guaranteed for each activity, and can make informed trade-offs between service level and cost.
How to use them
- Differentiate by criticality: short targets for vital activities, broader elsewhere.
- Align backups to the RPO: copy frequency follows the tolerable loss.
- Align infrastructure to the RTO: redundancy and failover per the accepted downtime.
- Test: verify that the stated values are genuinely achievable.
Where organizations most often fall short
The most common mistake is defining very ambitious RTO and RPO on paper, without ever checking they are achievable. On the day of the incident, the gap between the theoretical target and real recovery capability is costly. The other pitfall is applying the same values to every activity, without differentiating by criticality.