All threats in a disaster recovery (DR) and business continuity (BC) plan should be highlighted as part of the risk assessment phase of the BC plan. The risk assessment should incorporate all sites, which includes the disaster recovery site. And if the risk assessment is completed correctly, and an objective view of all threats are identified, there should not be any hidden threats in an organization. However, unanticipated threats can still occur, which are issues that can come up during or part of an unforeseen incident. For example, damage to the infrastructure (road closures) can cause delays in reaching your disaster recovery site, which will affect the recovery time.
Also, if the BC plan is not reviewed properly it may contain incorrect information which can threaten the disaster recovery process. If the business focus has been modified since the BC plan was compiled and these changes have not been incorporated within the BC plan, the recovery process will not go smoothly. Similarly, if hardware in your company has been modified and you have not updated your DR plan, you may have issues with the recovery. Both the disaster recovery and business continuity plans need to be current to reduce unanticipated surprises.