Premium Essay

Disaster Recovery Plan Term Paper

In: Computers and Technology

Submitted By anaperez83
Words 1568
Pages 7
Disaster Recovery Plan

Company Overview
Strategic Business Solutions is a Veteran-owned small business with less than fifty employees and the business goal is to continue specializing in Information Technology (IT), project management, and business development solutions. Our main projects involve Internet-based E-commerce solutions. The following diagram depicts our current network, which is PCI compliant and can handle high-traffic websites:

Risk Assessment
Critical business processes
Disruption of an information resource is not a disaster in itself, unless it is related to a critical business process, for example, an organization losing its revenue generating business process due to an information system failure. Other examples of potential critical business processes may include: * Production of finished goods * Advertising of the organization’s product(s) to be sold * Selling of the enterprise’s products or services * Receiving payments * Dispatching of finished goods * Provision of final services * Legal and regulatory compliance * Safeguarding of private and confidential data and other Information assets * Logistics services in the organization * Paying the employees
Internal, external, and environmental risks
Although all forms of corporate risks and potential damage can’t be avoided, but a realistic objective is to ensure the survival of the organization by establishing a culture that will identify and manage those risks that could cause it to suffer.
Since there could be hundreds and thousands of risks and uncertainties leading to possible disasters hitting the organization, but following are some of the generic internal, external and environmental corporate risks: * Inability to maintain critical customer services * Failure to protect the company assets including intellectual…...

Similar Documents

Premium Essay

Disaster Recovery Paper

...Best Buy disaster plan Christian Jones Qazi Ali CIS 359 May 25, 2012 Abstract Through this paper I and my partner will be discussing number of things about one of the biggest computer retail company in the United States of America. First is that we will provide some background information on the Best Buy company such as how it came about and how it has evolved from the past and to the present date. Basically we will give up a little bit of information on the owner as well as the company itself. In addition, we will also cover some of the problem that we face will developing this reasech paper. We will also cover some key points that we reasech or were told there disaster recovery plan. Also we provide solutions to their disaster recovery by point out some problems that they might face in the near future. We will also discussion how the plan will work in some cases and how it will not be as successful in other cases. Disaster Recovery for Best Buy A disaster is defined as an unexpected, unplanned catastrophic event that renders the Organizations ability to perform mission-critical and critical processes, including the ability to do normal production processing of systems that support critical business processes. A disaster could be the result of significant damage to a portion of the operations, a total loss of a facility, or the inability of the employees to access that facility. There were a lot of challenges that occurred during the development of......

Words: 1979 - Pages: 8

Premium Essay

Disaster Recovery Plan

...Disaster Recovery Plan Kawa, Tonderai B. Fanshawe College INFO- 6027-02 Security Planning Defined Recovery Process: To insure the continuation of business at Sunnylake and secure accesses to the electronic medical records (EMRs) and insure a continued business through a disaster recovery plan that will be initiated with group 5 members. The plan has considered the Sunnylake hackers who have caused an access denied on EMRs so the DRP that is going to be implemented and will include management procedures and technology procedures to insure an on-time recovery. So the crisis being faced is hacked EMRs so doctors and nurses are at risk of medication errors and drug interactions, what was the most efficient method has becomes less reliable. Moverover if the recovery time takes longer there is little hope of reverting to EMRs. Some patients are receiving the wrong prescription due to a poor adjustment to the tedious and robust situation. Infrastructure (replace): Attempts for system restore, contemplating to pay ransom demanded by extortionist. Use of paper records as means of keeping patient and medication records and patients’ confidential information and doing filing as alternative means of record keeping. Whilst the hospital workstations being the major points of data entry. People (retain): The proactive participants and their role at Sunnylake; George Knudsen - (Chief of staff)...

Words: 933 - Pages: 4

Premium Essay

The Disaster Recovery Plan

...Associate Level Material Appendix D Disaster Recovery Plan Student Name: Enter Your Name Here UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: Enter Your Instructor's Name Here Date: Enter the date here 1. Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. 1.1. Risk Assessment 1.1.1. Critical business processes List the mission-critical business systems and services that must be protected by the DRP. No business wants to face the horror of a disaster, be it from mother nature, external threats, or other catastrophes, but will a well crafted disaster recovery plan, the firm may sustain minimal damage. In preparing for disaster, the planning committee should prepare risk analysis and should be analyzed to determine the potential consequence and impact of several disaster scenarios. The critical needs of each department within Sunica Music and Movies will include functional operations, key personnel, information, processing systems, service, documentation, vital records, and policies and procedures. Processing and operations should be analyzed to determine the maximum amount of time that the department and organization can operate without each critical system. 1.1.2. Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely......

Words: 860 - Pages: 4

Premium Essay

Disaster Recovery Plan

...non-Repudiation through Digital Signatures Mitigating Risk in the User Domain Interviewing and Background Screening Hiring, Job Rotations, and Separation of Duties Security Policies Implementation of Special Documentations and Practices Acceptable Use Policies Confidentiality Agreements Non-Compete Agreements Exposure to Sensitive Data Training Conclusions References C7 Data Centers, Inc. (2013). DISASTER RECOVERY. Retrieved October 7, 2013, from www.c7dc.com/: http://www.c7dc.com/services/disaster-recovery/ IBM. (2013). Disaster action checklist. Retrieved October 8, 2013, from http://pic.dhe.ibm.com/: http://pic.dhe.ibm.com/infocenter/iseries/v7r1m0/index.jsp?topic=%2Frzarm%2Frzarmdisastr.htm Preston, W. C. (2008, November). Vice President of Data Protection Services at GlassHouse Technologies. (TechTarget, Interviewer) Red Hat, Inc. (2013). Backup Sites: Cold, Warm, and Hot. Retrieved October 7, 2013, from access.redhat.com: http://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s2-disaster-recovery-sites.html Swanson, M., Wohl, A., Pope, L., Grance, T., Hash, J., & Thomas, R. (2002, June). Contingency Planning Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology. Washington D.C. Warden, T. (n.d.). DR and Asynchronous Replication - Tutorial and Best Practices. Retrieved October 8, 2013, from http://www.las-solanas.com/:......

Words: 590 - Pages: 3

Premium Essay

Disaster Recovery Plan

...Disaster Recovery Plan: A Risk Management Strategy CIS 359 8/25/13 Professor Michelle Hansen CEO CEO CISO CISO CIO CIO IT Procurement Specialist IT Procurement Specialist IT Security Compliance Officer IT Security Compliance Officer IT Security Engineer IT Security Engineer Needs to monitor compliance with the security directives ,and overall policy to ensure IT effectiveness. Needs to monitor compliance with the security directives ,and overall policy to ensure IT effectiveness. Use results and feedback from various other sources to form a system budget enquiry that will help with financial planning Use results and feedback from various other sources to form a system budget enquiry that will help with financial planning Helps ensure the programs uptake and success. Helps ensure the programs uptake and success. Privacy Security Professional Privacy Security Professional Security Manager Security Manager Need to ensure that awareness and training requirements are established within the organization’s position and ensure that staff receives effective professional development services. Need to ensure that awareness and training requirements are established within the organization’s position and ensure that staff receives effective professional development services. Can help identify training sources, evaluate vendor based and other training sources and aid in the development of awareness and other training materials. ...

Words: 1441 - Pages: 6

Premium Essay

Disaster Recovery Plan

...State of Oklahoma Disaster Recovery Plan Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and...

Words: 17396 - Pages: 70

Premium Essay

Disaster Recovery Plan

...Associate Level Material Appendix D Disaster Recovery Plan Student Name: Casey DeCesare University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Scott Sabo Date: 4/27/14 Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. 1 Risk Assessment 1 Critical business processes List the mission-critical business systems and services that must be protected by the DRP. The mission-critical business systems and services that must be protected by this DRP are: Payroll, Human Resource Data, POS backup media, and Web Servers and their services. 2 Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to affect the business and result in loss of the facility, loss of life, or loss of assets. Threats could include weather, fire or chemical, earth movement, structural failure, energy, biological, or human. Examples of internal risks that may affect business are unauthorized access by individuals who are employed by the company, and those who aren’t employed by the company but still have access to individual store’s computer systems, applications, or areas where the servers and backup media are located. Other external and environmental...

Words: 638 - Pages: 3

Premium Essay

Disaster Recovery Plan

... 2010 Axia College IT/224 Intro to IT Security Disaster Recovery Plan: Risk Assessment: There are many risk that assessments that come into play when it comes to a business, in this cases our risk assessments are centered around the protection of our systems such as; human resources system, interior design system, exterior design system, customer privacy system, and our back-up system. Internal, external, and environmental risks: There are many risks that come with any type of business, it is up to the owners to identify these risks and deal with them in the appropriate way. With any business there will be some type of problem such as loss of business, which is a result of customers not using our services; the more customers that we lose would result in more money spent and less money made hence the loss of assets. There is also the case of fires; no company is completely safe from the threat of fires and depending on the type of fire, and because of this there could be some type of loss of life. This is also possible when there are bad weather, earthquakes, or terrorists attacks. Disaster Recovery Strategy: Of the different types of strategies talked about I think the best way to go in my situation and the business that I am conducting would be a warm site. A warm site is like a mediator between hot and cold sites and would provide the advantages of both sites in the different ways. Disaster Recovery test Plan: Walk-through: Each member or client will have......

Words: 470 - Pages: 2

Premium Essay

Disaster Recovery Plan: a Brief Overview

...Disaster Recovery Plan: A Brief Overview IT244 Axia Online College of University of Phoenix This following paper will highlight a brief overview of a DRP, covering the purpose of a DRP, key elements of a DRP, methods to test a DRP, and why testing should be done on a DRP. The main function or purpose of a DRP is to basically help identify a logical plan to recover from a disaster. Such as in any business, especially dealing with information technology, a DRP can help a business or company continue to run smoothly, with minimum disruption to normal operations. Every DRP is created differently and key elements that make a DRP may differentiate. To give an example onto what kind of key elements are found in a DRP; according to the information shown by the University of Arkansas, Fayetteville Department of Computing Services website, DRP can contain the following key elements: 1. General Information About The Plan 2. Disaster Planning 3. Initiation of Emergency Procedures 4. Initiation of Recovery Procedures 5. Maintaining the Plan A DRP cannot be fully realized or put into action unless a testing of the DRP can be done. The testing basically helps find any weak areas in the DRP so planner can improve in those areas. According to Mark S. Merkow and Jim Breithaupt authors of Information Security: Principles and Practices there are five methods to test a DRP and they are as follow: 1. Walk-through:......

Words: 583 - Pages: 3

Premium Essay

Disaster Recovery Plan

...Disaster Recovery Plan Saphia Christopher Strayer University CIS 462 Dr. Basta An IT disaster recovery plan provides step-by-step procedures for recovering disrupted systems and networks, to help them resume normal operations. The goal of these processes is to minimize any negative impacts to company operations. The IT disaster recovery process identifies critical IT systems and networks; prioritizes their recovery time objective; and delineates the steps needed to restart, reconfigure, and recover them. A comprehensive IT DR plan also includes all the relevant supplier contacts, sources of expertise for recovering disrupted systems and a logical sequence of action steps to take for a smooth recovery (Kirvan, 2009). The following Disaster Recovery Plan has been put together for the mock company which will be named ABC Technologies. The information contained in the DRP is partially real information from my current employer and other parts are made up. This is in response to my current firm’s policy against the dissemination of proprietary information. Information Technology Statement of Intent This document delineates our policies and procedures for technology disaster recovery, as well as our process-level plans for recovering critical technology platforms and the telecommunications infrastructure. This document summarizes our recommended procedures. In the event of an actual emergency......

Words: 2966 - Pages: 12

Premium Essay

Disaster Recovery Plan

...Disaster Recovery Plan Brandon Brown University of Phoenix IT/244 Intro to IT Security Katarina Brunski October 14, 2013 Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems Authentication Authentication establishes the identity of a user on a network. Malicious user and programs try to disrupt the service of the network in an attempt to obtain sensitive information or falsify data by mimicking valid persons. Differentiating the malevolent from the valid or appropriate individuals is a part of the authentication process and is vital to network security. Every worker will have photo access badges that will be coded to either allow or disallow personnel from certain areas. The access badges will only allow the workers into areas that they are cleared to enter, and when they enter those areas, the times will be logged. Workers will access to the network by having a unique username and password that is not to be shared with anyone else, at all. Access control strategy Discretionary access control This is to permit the right to use the system only to users who have correct authorization. Least privilege is basically having things on a need to know basis. The entry-level worker does not need to be privileged to the same information and access as the senior IT director. Least privilege will allow the user to access only the information that they need to do their......

Words: 622 - Pages: 3

Free Essay

Disaster Recovery Plan

...Disaster Recovery Plans   The headquarters of Hill Crest Corporation, a private company with $15.5 million in annual sales, is located in California. Hill Crest provides for its 150 clients an online legal software service that includes data storage and administrative activities for law offices. The company has grown rapidly since its inception 3 years ago, and its data processing department has expanded to accommodate this growth. Because Hill Crest’s president and sales personnel spend a great deal of time out of the office soliciting new clients, the planning of the IT facilities has been left to the data processing professionals. Hill Crest recently moved its headquarters into a remodeled warehouse on the outskirts of the city. While remodeling the warehouse, the architects retained much of the original structure, including the wooden-shingled exterior and exposed wooden beams throughout the interior. The minicomputer distributive processing hardware is situated in a large open area with high ceilings and skylights. The openness makes the data processing area accessible to the rest of the staff and encourages a team approach to problem solving. Before occupying the new facility, city inspectors declared the building safe; that is, it had adequate fire extinguishers, sufficient exits, and so on. In an effort to provide further protection for its large database of client information, Hill Crest instituted a tape backup procedure that automatically backs up the......

Words: 860 - Pages: 4

Premium Essay

Cis 462 Wk 10 Term Paper Disaster Recovery Plan

...CIS 462 WK 10 TERM PAPER DISASTER RECOVERY PLAN To purchase this visit here: http://www.activitymode.com/product/cis-462-wk-10-term-paper-disaster-recovery-plan/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 462 WK 10 TERM PAPER DISASTER RECOVERY PLAN CIS 462 WK 10 Term Paper - Disaster Recovery Plan This assignment consists of two (2) parts: a written paper and a PowerPoint presentation. You must submit both parts as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment. In recent years, organizations have witnessed the impact of having effective and non-effective business continuity plans and disaster recovery plans. In today’s environment, with significant potential natural disasters, terrorist threats, and other man-made threats, it is critical that organizations develop effective business continuity plans and disaster recovery plans. Select an organization that you are familiar with, such as where you currently or previously have worked, contact a local organization, or search on the Internet for the needed detail of an organization you are interested in. Prepare a disaster recovery plan policy for that organization. Part 1: Written Paper 1. Write a six to eight (6-8) page paper in which you: a. Provide an overview of the organization that will be......

Words: 1069 - Pages: 5

Free Essay

Disaster Recovery Plan

...mirror sites. Triangular architecture: WTC – Rochelle Park – London. The significant loss of lives made recovery from this event especially difficult. Sources (moving forward): http://www.baselinemag.com/c/a/Business-Intelligence/Pop-Culture/ From day one, Rochelle Park was seen as a concurrent system, not a disaster-recovery site. The shift was driven by eSpeed's role as the largest player in electronic bond-trading, which meant uninterrupted service was an imperative. The nondescript building in a blue-collar town was perfect—a former telecom facility across from another telecom building. Systems alternated between the trade center and the mirror site, with particular products (e.g., zero coupon bonds) running live for a month at one location and then switching to the other; about half of the company's approximately 40 products were live at each location at any given time. "In that sense we had run our disaster-recovery tests the day before," says Noviello. The mirror site and the World Trade Center were connected by a high-speed optical line, over which eSpeed linked the storage area networks at each site. Sybase data-replication software mirrored critical databases between the sites. Half of the company's Microsoft Exchange e-mail servers were also located full-time in Rochelle Park. Some DRPs are approved and put in place with the awareness that the plan itself will not work, only for audit purposes. On Wednesday, Cantor Chairman and CEO Howard......

Words: 2816 - Pages: 12

Premium Essay

Disaster Recovery Plan Paper

...Section 1 Major Goals of the Disaster Recovery Plan * To minimize the interruptions within the normal operations of the business. * To limit the extent of disruptions and damage within the business. * To minimize the economic impact of the interruption with the business. * To establish alternative means of operations in advance before the incident. * To provide smooth and complete restoration of business in a timely fashion. Section 2 Personnel Name | Position | Address | Telephone | E-Mail | | | | | | | | | | | | | | | | | | | | | | | | | | Section 3 Software Profile Software Name | Critical Software Y/N | Fixed AssetY/N | Software Manufacturer | Comments | | | | | | | | | | | | | | | | | | | | | | | | | | Section 4 Inventory * Air Conditioner or Heater * Controllers * Disk Units * General Data Communication * Humidifier or Dehumidifier * Workstation controllers * I/O Processors * Models * Personal computers * Processing Units * Racks * Spare Displays * Spare workstations * System printer * Tape and diskette units * Telephones Manufacturer | Description | Model | Serial Number | Owned/Leased | Cost | | | | | | | | | | | | | | | | | | | | | | | | | Section 5 Back-up Policy * Daily, journal receivers are changed at ________ and at ________. * Daily, a save of...

Words: 311 - Pages: 2