...Disaster Recovery Plan Company Overview Strategic Business Solutions is a Veteran-owned small business with less than fifty employees and the business goal is to continue specializing in Information Technology (IT), project management, and business development solutions. Our main projects involve Internet-based E-commerce solutions. The following diagram depicts our current network, which is PCI compliant and can handle high-traffic websites: Risk Assessment Critical business processes Disruption of an information resource is not a disaster in itself, unless it is related to a critical business process, for example, an organization losing its revenue generating business process due to an information system failure. Other examples of potential critical business processes may include: * Production of finished goods * Advertising of the organization’s product(s) to be sold * Selling of the enterprise’s products or services * Receiving payments * Dispatching of finished goods * Provision of final services * Legal and regulatory compliance * Safeguarding of private and confidential data and other Information assets * Logistics services in the organization * Paying the employees Internal, external, and environmental risks Although all forms of corporate risks and potential damage can’t be avoided, but a realistic objective is to ensure the survival of the organization by establishing a culture that will identify and manage...
Words: 1568 - Pages: 7
...CIS 462 WK 10 TERM PAPER DISASTER RECOVERY PLAN To purchase this visit here: http://www.activitymode.com/product/cis-462-wk-10-term-paper-disaster-recovery-plan/ Contact us at: SUPPORT@ACTIVITYMODE.COM CIS 462 WK 10 TERM PAPER DISASTER RECOVERY PLAN CIS 462 WK 10 Term Paper - Disaster Recovery Plan This assignment consists of two (2) parts: a written paper and a PowerPoint presentation. You must submit both parts as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and / or assume all necessary assumptions needed for the completion of this assignment. In recent years, organizations have witnessed the impact of having effective and non-effective business continuity plans and disaster recovery plans. In today’s environment, with significant potential natural disasters, terrorist threats, and other man-made threats, it is critical that organizations develop effective business continuity plans and disaster recovery plans. Select an organization that you are familiar with, such as where you currently or previously have worked, contact a local organization, or search on the Internet for the needed detail of an organization you are interested in. Prepare a disaster recovery plan policy for that organization. Part 1: Written Paper 1. Write a six to eight (6-8) page paper in which you: a. Provide an overview of the organization that will be delivered...
Words: 1069 - Pages: 5
...Communications of the IIMA 25 2006 Volume 6 Issue 2 Disaster Planning and Management Holmes E. Miller Muhlenberg College, Allentown, PA 18104 Kurt J. Engemann Iona College, New Rochelle, NY 10801 Ronald R. Yager Iona College, New Rochelle, NY 10801 ABSTRACT Recent events such as hurricanes, tsunamis, earthquakes, power outages, and the threat of pandemics have highlighted our vulnerability to natural disasters. This vulnerability is exacerbated by many organizations’ increasing dependence on computer, telecommunications, and other technologies, and trends toward integrating suppliers and business partners into everyday business operations. In response many organizations are implementing disaster recovery planning processes. In this paper we discuss how to identify threats and scenarios; how to articulate the disaster recovery strategies; and four elements of the generic disaster recovery plan: Mitigation, preparedness, response, and recovery. We then provide examples of software that can help disaster recovery professionals in the planning and implementation process. Finally we present some trends that will reinforce the criticality of the issue. Keywords: Disaster Recovery Planning; Business Continuity Planning; Risk Assessment INTRODUCTION Several major natural disasters that have occurred in the past few years have placed disaster management on the front pages: The Tsunami of late 2004, Hurricanes Katrina and Rita, and the earthquake in Pakistan in 2005 affected both...
Words: 7241 - Pages: 29
...________________________________________________________________________ UNIVERSITI TEKNOLOGI MARA TEST 1 ________________________________________________________________________ COURSE : EDP AUDITING COURSE CODE : AUD 370 DATE : FEBRUARY 2013 TIME : 2 HOURS NAME : GROUP : MATRIX NUMBER : SEMESTER : DEC 2012 – APR 2013 INSTRUCTIONS TO CANDIDATES 1. 2. 3. Answer ALL questions. Start each answer on a new page. Do not bring any material into the examination room unless permission is given by the invigilator. DO NOT TURN THIS PAGE UNTIL YOU ARE TOLD TO DO SO This test paper consists of 8 printed pages 2 TEST 1 PART A This part consists of 20 multiple-choice questions. Choose the most suitable answer and shades the corresponding alphabet representing the answer. 1. Among the objectives of an operating system are as follows EXCEPT a. b. c. d. the operating system must protect itself from users the operating system must protect users from each other the operating system must protect users from themselves the operating system must be totally free from errors 2. One of the criteria for accessing the firewall effectiveness is _______________ a. authorization b. flexibility c. supervision d. access control 3. Electronic fund transfer is adopted by EDI trading partners due to implication on ________ a. b. c. d. Audit trails of transactions Cash disbursement and receipts ...
Words: 3159 - Pages: 13
...1. Executive Summary 2 2. Introduction 3 2.1 Company Overview 3 2.2 Security Policy Overview 4 2.3 Security policy goals 4 2.3.1 Confidentiality 4 2.3.2 Integrity 5 2.3.3 Availability 5 3. Disaster Recovery Plan 6 3.1 Risk Assessment 6 3.1.1Critical Business Processes 7 3.1.2 Internal, external, and environmental risks 7 3.2 Disaster Recovery Strategy 8 3.3 Disaster Recovery Test Plan 8 3.3.1 Walk-throughs 8 3.3.2 Simulations 9 3.3.3 Checklists 9 3.3.4 Parallel testing 9 3.3.5 Full interruption 9 4. Physical Security Policy 10 4.1 Security of the building facilities 10 4.1.1Physical entry control 10 4.1.2 Security offices, rooms and facilities 11 4.13.Isolated delivery and loading areas 12 4.2 Security of the information systems 12 4.2.1Workplace protections 12 4.2.2Unused ports and cabling 13 4.2.3 Network/server equipment 13 4.2.4 Equipment maintenance 13 4.2.5 Security of laptops/roaming equipment 13 5. References 14 Executive Summary The objective of this proposal is to present the information security policy created for Bloom Design Group. The issue of a company’s network security continues to be crucial because the results of data loss or significant system failure can be disastrous for a company. An alarming number of companies fail to realize how vulnerable their network is to internal, external, and environmental risks. One of the top priorities of an organization should be maintaining...
Words: 3568 - Pages: 15
...Disaster Recovery Information Technology: Disaster Recovery Abstract The intent of this research paper is to capture the over view of the systems functionality of disaster recover, what it is and how it works. It will explore the benefits, as well as the disadvantageous of the system, what is most significant about the system. Lastly I will share my own assessment of the system, concluding whether this system had been rendered effective for its purpose. Information Technology: Disaster Recovery Information Technology is extremely crucial in today’s business world. In fact, businesses use information technology too quickly and effectively process information, Carlson 1998. Within these businesses, employees use these advanced technologies in which to communicate. Electronic data interchange is used to transmit data. This serves a purpose of transmitting orders and payments from one company to another. With electric data interchange in mind, servers process an immense amount of data. For a business to be rendered effective, a disaster recovery plan should be develop in correlation with the priorities of the business. As noted, due to the rapid growth technology, planning strategies should be refined overtime to maintain its vigilant awareness to keep up with modern technology. Overview A disaster recovery plan is a process in which to secure intellectual property. Disaster Recovery planning involves procedures to recover, as well as, maintain accountability of a...
Words: 1871 - Pages: 8
...State of Oklahoma Disaster Recovery Plan Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and...
Words: 17396 - Pages: 70
...Pranay Bhardwaj Disaster Recovery Planning Introduction Hurricane Sandy is regarded as one of the most devastating natural disasters to strike the city of New York. People have different recollections of that time period, with some who recall the catastrophic damage done to their home, while others remember the 4 hours of wait just to fill up their cars with gas. For financial institutions, such as Citi bank, it was a time for the management team to pat themselves on the back and breathe a sigh of relief for being able to secure important data centers and keep bank operations running. All this was a result of successful implementation of Citi’s “Disaster Recovery Plan”. What is a Disaster Recovery Plan? Just like the disaster discussed above, every week, month, and year, companies are exposed to risks of potential disasters that can affect the continuation of vital business processes. When critical processes and applications are lost, the company can incur damages ranging anywhere from $5,000- $5,000,000 per minute, depending on the size and function of the company. Some companies never recover from the excessive damage they incur during the time of the disaster, and may be forced out of business. To avoid such a situation, companies, particularly banking institutions, are heavily encouraged to have a disaster recovery plan in place. A disaster recovery plan is a powerful tool that allows companies to shield itself from any calamity that occurs, be it natural...
Words: 2454 - Pages: 10
...Running head: SHORT TITLE OF PAPER (<= 50 CHARACTERS) Title Author Author Affiliation Abstract Your abstract should be one paragraph and should not exceed 120 words. It is a summary of the most important elements of your paper. All numbers in the abstract, except those beginning a sentence, should be typed as digits rather than words. To count the number of words in this paragraph, select the paragraph, and on the Tools menu click Word Count. Title of Paper In this assignment, I will write a four to five report in how to thwart a malicious attacks, threats, vulnerabilities to a game system. I have just been hired as an Information System Engineer for a videogame development company. The organization network structure have been identified by the company as having 2- firewall, 1- Web/FTP server, 1-Microsoft Exchange Email Server, Network Intrusion Detection System(NIDS), 2-Windows Server 2012 Active Directory Domain Controllers(DC) 3-File servers 1-Wireless access point(WAP) 100-Desktop/Laptop computers VoIP telephone system. The CIO of this company has just received a report of malicious activities on the rise and has become extremely concerned with the protection of intellectual property and highly sensitive data maintained by his organization. As part of my job task with the organization, I will identify and draft a report identifying potential malicious attacks, threats, and the vulnerabilities that is specific to his organizations. It has been requested that...
Words: 401 - Pages: 2
...Availability Disaster Recovery: Best Practices HOME SUPPORT TECHNOLOGY SUPPORT AVAILABILITY HIGH AVAILABILITY TECHNOLOGY INFORMATION TECHNOLOGY WHITE PAPER Disaster Recovery: Best Practices Downloads Disaster Recovery: Best Practices Contents 1 Executive Summary 2 Disaster Recovery Planning 2.1 Identification and Analysis of Disaster Risks/Threats 2.2 Classification of Risks Based on Relative Weights 2.2.1 External Risks 2.2.2 Facility Risks 2.2.3 Data Systems Risks 2.2.4 Departmental Risks 2.2.5 Desk-Level Risks 2.3 Building the Risk Assessment 2.4 Determining the Effects of Disasters 2.4.1 List of Disaster Affected Entities 2.4.2 Downtime Tolerance Limits 2.4.3 Cost of Downtime 2.4.4 Interdependencies 2.5 Evaluation of Disaster Recovery Mechanisms 2.6 Disaster Recovery Committee 3 Disaster Recovery Phases 3.1 Activation Phase 3.1.1 Notification Procedures 3.1.2 Damage Assessment 3.1.3 Activation Planning 3.2 Execution Phase 3.2.1 Sequence of Recovery Activities 3.2.2 Recovery Procedures 3.3 Reconstitution Phase 4 The Disaster Recovery Plan Document 4.1 Document Contents 4.2 Document Maintenance 5 Reference 1 Executive Summary Disasters are inevitable but mostly unpredictable, and they vary in type and magnitude. The best strategy is to have some kind of disaster recovery plan in...
Words: 5950 - Pages: 24
...Conference Room Disaster Case Study Analysis Assuming the day would have been a typical and normal working day was a complete incorrect assumption as the meeting in a crowded conference room is cancelled due to the ceiling giving way to a water leakage, flooding the working papers and electronics that were on the conference room table. Staff members rushed out into the dry hallways leaving the working papers and electronics on the conference room table to be drenched with water. The working papers are most possibly facing complete turmoil of the data that was to be discussed and the electronic equipment’s could be substantially damaged by the water flood. Many thoughts came to my mind such as did anyone save the documents on an external storage drive? Or, did anyone from maintenance perform a routine maintenance check of the water plumbing in the building? And, did the company leaders ever implement some sort of a Disaster Recovery Plan (DRP) for when such disasters occur in working environments that encompass physical and intangible working documents and data? All these questions flooded my mind more than I could imagine the water to have flooded the conference room. These questions resulted from the problems that occurred and each problem that we faced could have had higher severity in damages. The problems that were incurred were due to prior problems that were built upon newer problems. The first problem that I thought of that could have existed was the routine maintenance...
Words: 731 - Pages: 3
...Disaster Recovery Plan: A Brief Overview IT244 Axia Online College of University of Phoenix This following paper will highlight a brief overview of a DRP, covering the purpose of a DRP, key elements of a DRP, methods to test a DRP, and why testing should be done on a DRP. The main function or purpose of a DRP is to basically help identify a logical plan to recover from a disaster. Such as in any business, especially dealing with information technology, a DRP can help a business or company continue to run smoothly, with minimum disruption to normal operations. Every DRP is created differently and key elements that make a DRP may differentiate. To give an example onto what kind of key elements are found in a DRP; according to the information shown by the University of Arkansas, Fayetteville Department of Computing Services website, DRP can contain the following key elements: 1. General Information About The Plan 2. Disaster Planning 3. Initiation of Emergency Procedures 4. Initiation of Recovery Procedures 5. Maintaining the Plan A DRP cannot be fully realized or put into action unless a testing of the DRP can be done. The testing basically helps find any weak areas in the DRP so planner can improve in those areas. According to Mark S. Merkow and Jim Breithaupt authors of Information Security: Principles and Practices there are five methods to test a DRP and they are as follow: 1. Walk-through: Members...
Words: 583 - Pages: 3
...Details of Assessment | Term and Year | Term 4 2014 | Time allowed | N/A | Assessment No | 2 | Assessment Weighting | 30% | Assessment Type | Written | Due Date | Week 6 | Room | 101 George St | Details of Subject | Qualification | ICA50111 Diploma of Information Technology | Subject Name | Disaster Recovery and Contingency Plans | Details of Unit(s) of competency | Unit Code | ICASAS505A Review and update disaster recovery and contingency plans | Details of Student | Student Name | | College | | Student ID | | Student Declaration: I declare that the work submitted is my own, and has not been copied or plagiarised from any person or source. | Signature: ___________________________ Date: _______/________/_______________ | Details of Assessor | Assessor’s Name | | Assessment Outcome | Results | Satisfactory Not Satisfactory | Marks | | FEEDBACK TO STUDENTProgressive feedback to students, identifying gaps in competency and comments on positive improvements: | ________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ | Student Declaration: I declare that I have been assessed in this unit, and I have been advised of my result...
Words: 928 - Pages: 4
...DR Plan One way to implement a Disaster Recovery Plan would include two stages toward completion. With a commitment to completing these stages, your operation will be protected from the definite consequences of any disaster that may occur. STAGE I Step One should consist of the signing of a base disaster recovery contract with a vendor that you feel will be able to satisfy your requirements over a long period of time. Remember that a commitment to disaster recovery is not for the short fall, but for the long term protection of your organization. Therefore since your investment both in time and money will be considerable, you must make sure that this investment is made wisely. Any disaster recovery vendor should offer contract terms that will fit your particular needs. A five year term may not be in your best interest therefore your vendor should be able to provide terms that will best serve you and not that vendor. As an example you may require that the initial term be a period of six months with some automatic extension at the end of this period. This will give you the leverage to get out of an unsatisfactory arrangement while at the same time protecting the vendor's investment if the service is as advertised. Possibly the most important aspect of your contract is if the vendors guarantee that you will have access to the facility in case of a disaster. If there is a remote possibility that you would not have access to the disaster recovery facility, then the vendor should...
Words: 1794 - Pages: 8
...INTRODUCTION 4 DOMAIN 1: ACCESS CONTROL WHAT’S NEW IN ACCESS CONTROL? AN OVERVIEW 5 5 7 DOMAIN 2: SOFTWARE DEVELOPMENT SECURITY WHAT’S NEW IN APPLICATIONS SECURITY (NOW SOFTWARE DEVELOPMENT SECURITY)? AN OVERVIEW 9 9 10 DOMAIN 3: BUSINESS CONTINUITY & DISASTER RECOVERY WHAT’S NEW? AN OVERVIEW 12 12 13 DOMAIN 4: CRYPTOGRAPHY WHAT’S NEW? AN OVERVIEW 17 17 18 DOMAIN 5: INFORMATION SECURITY GOVERNANCE & RISK MANAGEMENT WHAT’S NEW? AN OVERVIEW 21 21 22 DOMAIN 6: LEGAL, REGULATIONS, INVESTIGATIONS, AND COMPLIANCE WHAT’S NEW? AN OVERVIEW 24 24 26 DOMAIN 7: SECURITY OPERATIONS WHAT’S NEW? AN OVERVIEW 28 28 29 DOMAIN 8: PHYSICAL & ENVIRONMENTAL SECURITY WHAT’S NEW? AN OVERVIEW 32 32 33 DOMAIN 9: SECURITY ARCHITECTURE & DESIGN WHAT’S NEW? AN OVERVIEW 36 36 38 DOMAIN 10: TELECOMMUNICATIONS & NETWORK SECURITY WHAT’S NEW? AN OVERVIEW 40 40 41 INFOSEC INSTITUTE’S CISSP BOOT CAMP COURSE OVERVIEW COURSE SCHEDULE 44 44 45 INTRODUCTION (ISC)²’s CISSP Exam covers ten domains which are: Access Control Application Development Security Business Continuity and Disaster Recovery Planning Cryptography Information Security Governance and Risk Management Legal regulations, investigations, and compliance Operations Security Physical and Environmental Security Security Architecture and Design Telecommunications and Network Security Over the course...
Words: 11687 - Pages: 47
