...Trucking Disaster Recovery Plan CMGT/410 Huffman Trucking Disaster Recovery Plan Huffman Trucking is a privately held national company with six hundred million dollars a year in revenues. The company has hubs in Los Angeles, California; St. Louis, Missouri; Cleveland, Ohio; and Bayonne, New Jersey. The company maintains a truck maintenance facility at the hub in Cleveland, Ohio. Each hub maintains a data center, linked to the corporate offices through various Internet access methods. Recent reports of computer hacking and database corruption have highlighted the need for a coordinated data security and disaster recovery plan. A comprehensive corporate-wide strategy for data security, site backup, and disaster recovery will allow the company to continue to function and communicate during emergencies that involve any of the company’s data hubs and minimize effect on company operations. Huffman Trucking Disaster Recovery Plan Project Objectives “On August 28, 2005, Hurricane Katrina hit the southern coast of the United States with devastating effect. It was reported that more than 1800 people lost their lives and more than $81 billion dollars in damages occurred” (United States Department of Health and Human Services, 2005). Emergencies and disasters can happen at any time. Planning for disasters takes time. According to Krugman (2006), “even after three months, there was still not a reconstruction plan, let alone a plan under way.” The main purpose of a disaster recovery...
Words: 1801 - Pages: 8
...IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History |revision |date |name |description | |Original 1.0 | | | | | | | | | | | | | | Table of Contents Information Technology Statement of Intent 5 Policy Statement 5 Objectives 5 Key Personnel Contact Info 6 Notification Calling Tree 7 External Contacts 8 External Contacts Calling Tree 10 1 Plan Overview 11 1.1 Plan Updating 11 1.2 Plan Documentation Storage 11 1.3 Backup Strategy 11 1.4 Risk Management 11 2 Emergency Response 12 2.1 Alert, escalation and plan invocation 12 2.1.1 Plan Triggering Events 12 2.1.2 Assembly Points 12 2.1.3 Activation of Emergency Response Team 12 2.2 Disaster Recovery Team 13 2.3 Emergency Alert, Escalation and DRP Activation 13 2.3.1 Emergency Alert 13 2.3.2 DR Procedures for Management 14 2.3.3 Contact with Employees 14 2.3.4 Backup Staff 14 2.3.5 Recorded Messages / Updates 14 2.3.7 Alternate Recovery Facilities...
Words: 4679 - Pages: 19
...Security Instructor’s Name: Date: 03/25/12 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy 1 4.1. Security of the facilities 1 4.1.1. Physical entry controls 1 4.1.2. Security offices, rooms and facilities 1 4.1.3. Isolated delivery and loading areas 2 4.2. Security of the information systems 2 4.2.1. Workplace protection 2 4.2.2. Unused ports and cabling 2 4.2.3. Network/server equipment 2 4.2.4. Equipment maintenance 2 4.2.5. Security of laptops/roaming equipment 2 5. Access Control Policy 2 6. Network Security Policy 3 7. References 3 Executive Summary Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario. This new strategy guide for Bloom Design Group provides a comprehensive strategy for providing a safe and secure work environment. Several new policies and procedures will be implemented as a result of these new ideas. Bloom Design Group will have little trouble in adhering to the promised plan based on the their assets and experienced personnel. The goals implemented will include new user accounts and access...
Words: 3916 - Pages: 16
...Associate Level Material Appendix C Introduction Student Name: Philip J. McCarthy UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: JAMES SERSHEN Date: 04/18/2012 1. Introduction Due in Week One: Give an overview of the company and the security goals to be achieved. 1.1. Company overview As relates to your selected scenario, give a brief 100- to 200-word overview of the company. The Company I have chosen is, The Bloom Design Group. The Bloom Design Groups mission is to provide online interior design services to its customers. The company offers their customers interior design services. What sets this company apart from others is that they have a website that allows customers a chance to design and decorate their rooms to their liking in a virtual environment before spending their money. The option provided for their customers is a virtual decorating tool. With this tool customers can play around with various color schemes for each room’s floor and ceilings, as well as customizing furniture as well. Then employees are able to access the corporate network through a VPN collection to access their client files, in order to place electronic orders for the design materials and furniture. 1.2. Security policy overview Of the different types of security policies—program-level, program-framework, Issue-specific, and system-specific—briefly cover which type is appropriate to your selected business scenario and why. Program-Framework security policy...
Words: 924 - Pages: 4
...Axia College Material Appendix B Information Security Policy Student Name: Brice Washington Axia College IT/244 Intro to IT Security Instructor’s Name: Professor Smith Date: 11/7/2011 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy 1 4.1. Security of the facilities 1 4.1.1. Physical entry controls 1 4.1.2. Security offices, rooms and facilities 1 4.1.3. Isolated delivery and loading areas 2 4.2. Security of the information systems 2 4.2.1. Workplace protection 2 4.2.2. Unused ports and cabling 2 4.2.3. Network/server equipment 2 4.2.4. Equipment maintenance 2 4.2.5. Security of laptops/roaming equipment 2 5. Access Control Policy 2 6. Network Security Policy 3 7. References 3 Executive Summary Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario. With advancements in technology there is a need to constantly protect one’s investments and assets. This is true for any aspect of life. Bloom Design is growing and with that growth we must always be sure to stay on top of protecting ourselves...
Words: 4226 - Pages: 17
...Disaster Recovery Plan Saphia Christopher Strayer University CIS 462 Dr. Basta An IT disaster recovery plan provides step-by-step procedures for recovering disrupted systems and networks, to help them resume normal operations. The goal of these processes is to minimize any negative impacts to company operations. The IT disaster recovery process identifies critical IT systems and networks; prioritizes their recovery time objective; and delineates the steps needed to restart, reconfigure, and recover them. A comprehensive IT DR plan also includes all the relevant supplier contacts, sources of expertise for recovering disrupted systems and a logical sequence of action steps to take for a smooth recovery (Kirvan, 2009). The following Disaster Recovery Plan has been put together for the mock company which will be named ABC Technologies. The information contained in the DRP is partially real information from my current employer and other parts are made up. This is in response to my current firm’s policy against the dissemination of proprietary information. Information Technology Statement of Intent This document delineates our policies and procedures for technology disaster recovery, as well as our process-level plans for recovering critical technology platforms and the telecommunications infrastructure. This document summarizes our recommended procedures. In the event of an actual emergency situation...
Words: 2966 - Pages: 12
...Security Instructor’s Name: Date: October 28, 2012 Introduction Due in Week One: Give an overview of the company and the security goals to be achieved. 1 Company overview As relates to your selected scenario, give a brief 100- to 200-word overview of the company. Sunica Music and Movies is the company that I have chosen. Working independent of one another, the four locations cannot effectively service their costumer’s needs when it comes to inventory and special items, which is causing the stores to lose money due to the lack of good communication between each of the stores. By not having access to share, any customer information or inventory between the stores costumers are growing tired of the inconvenience. In other words, they do not have the best communications skills. What they are trying to do is make it very simple so that they are able to connect to each other through the internet to a central database so that customers are able to see what is available and what they have in stock. This way the stores will be able to communicate with one another through the internet and to know what is available at the other locations and what items that are being sold in order to keep the more popular items in stock and not waste time or money ordering the items that are not creating positive revenue. 2 Security policy overview Of the different types of security policies—program-level, program-framework, Issue-specific...
Words: 735 - Pages: 3
...DREAMZ TELECOMMUNICATIONS, INC. Charleston, S.C. Operations Contingency Plan Torey A. Shannon Dreamz Security Plan I. Overview 2.1 Objectives The operative objectives of this security plan is to provide employees with a safe and secure work environment that implements efficient security controls that protect the confidentiality of employees’ and clients information while employing efficient protocol to thwart and/or counteract potential security threats. To protect employees and clients from threats from unauthorized personnel and foreign agents, physical and technical security will be strategically placed within the organization through employee policy and technical support. Dreamz Incorporated will create security education, training, and awareness programs to further safeguard against potential threats and minimize loss from security intrusions. 2.2 Strategic Corporate Officers CEO - Raymond Williams (PH) 678-873-9087, (Email)Rwilliams@dreamz.org CIO - MarciaCamos (PH) 678-873-9088, (Email)Mcamos@dreamz.org CISO - James Korve (PH) 678-873-9089, (Email)Jkorve@dreamz.org 2.3 Information Security Governance Assignments CEO * Oversee Corporate Security policy * Brief board, customers, and public on corporate activities and policies. CIO, CISO * Set security policy, procedures, programs and training for the organization. * Respond to security breaches and coordinate independent audits. * Implement...
Words: 4878 - Pages: 20
...Systems Analysis and Design Seventh Edition End of Chapter Solutions Chapter NINE System Architecture ANSWERS TO CASE-SIM: SCR ASSOCIATES CASE-SIM: SCR ASSOCIATES Assignments 1. Jesse wants me to recommend a vendor who offers an ERP strategy. I need to review SAP and Oracle Web sites, and at least two others that offer ERP solutions, and reply to her with the results and the reasons for my recommendations. Answers will vary. Students should realize that SCR foresees a dynamic future. With this in mind, an ERP strategy would be highly desirable. Students should have a basic understanding of ERP. When they research on the Internet, students should be able to find more material they can use in their recommendations. For reference purposes, the following screens are provided: [pic] [pic] 2. Visit SCR’s data library to review SCR’s network configuration and then send Jesse a recommendation for the TIMS system architecture. She wants me to suggest an overall client/server design, number of tiers, and network topology. She also asked me to comment on these issues: legacy data, Web-centricity, scalability, security, and batch processing that might be needed. Jesse said it was OK to make reasonable assumptions in my proposal to her. Student answers will vary. Students should start by viewing the SCR network shown in the Data Library. Based on information in this chapter and previous SCR assignments, students should be able to form an opinion...
Words: 8699 - Pages: 35
...The purpose of this memorandum is to provide a brief overview of what was found during the security audit and to offer suggestions of what should be included in the Meridian Manufacturing Ltd. security policy over local area networks. A local area network, is a network of personal computers that located in a small geographic area such as office, building, or campus. The Computer Security Act of 1987 assigned the responsibility for developing computer standards and guidance for federal unclassified systems including LANs/WANs. I observed that the file servers that support all LANs sit on a long desk outside mainframe computer room. Controlling access to the server is a basic LAN security issue because sensitive data can be accessed and stolen. The manager retorted that the security access to the file room is restricted to the IT staff and that the keyboards also password protected. The main concern here is that the file servers do sit on the long tables which could bring physical harm to the networks in case the table breaks. Review ITC policy and procedures for using ITS computer equipment for non-official use and evaluate for reasonableness, enforceability and compliance with laws and regulations. Access security rules to ensure the design and structure of access security by verifying IDs used for production jobs are properly defined and verify that the security database is efficiently and efficiently organized from most general to most specific levels of hierarchy. One...
Words: 488 - Pages: 2
...Company Members Project scope statement Project Title: Improve Network Structure for Lawyers Firm Date: June 27, 2012 Document prepared by: Email: * We will provide our clients with IT solutions that offer practical value today while positioning them to meet the business and technological needs of tomorrow. With our constant focus on improved business results, we will make and build definitive plans for the best and most economical IT hardware and solutions. Our goal is to ensure a solid network as well as a state of the art design and equipment for a Law Firm’s work environment. Assure that appropriate telecommunications and computing resources are available to support the mission of the firm Assure that each staff member who uses telecommunications and computing resources in his or her position has a computer of sufficient capability to fulfill their required job responsibilities Ease resource and financial planning by reducing the effort involved in budgeting and planning for new telephone units, computers, network, classroom equipment and server systems. Provide for the cost effective and timely purchasing and installation of new equipment while decreasing the deployment time for new equipment; and disposal of old and obsolete equipment. ------------------------------------------------- Deliverables Dell Desktops and laptops Cisco Routers, switches, and Ip phones will be installed and configured Firewalls will be installed Blade server holding case will be provided...
Words: 11532 - Pages: 47
...State of Oklahoma Disaster Recovery Plan Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and...
Words: 17396 - Pages: 70
...Risk Management Plan Project Name: IS305 Project Manager: Paul Bettinger Date: October 1, 2013 RISK management PLAN INTRODUCTION 2 PURPOSE AND SCOPE 2 RISK MANAGEMENT PLANNING 3 RISK MANAGEMENT ASSIGNMENTS 6 RISK MANAGEMENT TIMELINE 7 MITIGATION PLAN Introduction 8 Cosiderations 8 Prioritizing 9 Cost benefit analysis 10 Implementation 11 Follow-up 11 Buisness impact analysis Introduction 12 Scope 12 PURPOSE AND objectives 13 Steps of bia 13 final review 15 BUSINESS CONTINUITY PLAN Introduction 16 oBJECTIVES 16 BCP PLANNING 17 PLAN UPDATES AND TRAINING 21 computer incident response team Introduction 22 Purpose 22 elements of the plan 23 incident handling process 23 cirt members 23 detection 24 containment 24 recovery and review 24 cirt policies 25 FINAL THOUGHT RISK MANAGEMENT PLAN INTRODUCTION A risk management plan is a process for identifying, assessing, and prioritizing risks that could cause the company a loss. Identifying these risks, threats and vulnerabilities and taking action to prevent or control them now and in the future. Creating a risk management consists of measuring and prioritizing risks involved and taking actions to reduce any loss the company may encounter. Being that indirectly we work with the Department of Defense, which as you knows is a department of the United States Government dealing with national security, a well-developed risk management plan is of the upmost importance. Without updating...
Words: 5009 - Pages: 21
...[pic][pic] Fundamentals of Emergency Management Independent Study 230.a January 14, 2010 FEMA COURSE OVERVIEW Unit 1: Course Introduction Introduction How to Complete This Course Unit 1 Objectives Course Objectives Case Study: Tornado in Barneveld, Wisconsin Your Place in the Emergency Management System Case Study: Hazardous Chemical Release Activity: Where Do I Fit? Unit 2: Overview of the Principles of Emergency Management and the Integrated Emergency Management System Introduction and Unit Overview FEMA Mission and Purpose Response Authorities History Principles of Emergency Management Recent Changes to Emergency Planning Requirements Why an Integrated Emergency Management System? Emergency Management Concepts and Terms Partners in the Coordination Network Activity: Partners in the Coordination Network Emergency Management in Local Government Activity: Where Is Emergency Management in My Community? Unit 3: Incident Management Actions Introduction and Unit Overview Introduction to the Spectrum of Incident Management Actions Prevention Preparedness Response Activity: Response Operations Recovery Mitigation Unit 4: Roles of Key Participants Introduction and Unit Overview The Role of the Local Emergency Program Manager State Emergency Management Role How the Private Sector and Voluntary Organizations Assist Emergency Managers Federal Emergency Management Role The National Response Framework Activity:...
Words: 35531 - Pages: 143
...the Availability Digest Towards Zero Downtime: High Availability Blueprints August 2007 Vishal Rupani focuses on Microsoft Clustering in his very readable book, Towards Zero 1 Downtime: High Availability Blueprints. He first provides a high-level overview of many topics pertinent to high availability. He then devotes most of his book to Microsoft Clustering and to the proper installation of Microsoft’s Cluster Server and several of Microsoft’s cluster-aware applications. He follows this with a brief discussion of disaster-tolerant architectures, and concludes with a case study. High-Availability Topics Rupani begins with a definition of several high-availability concepts, such as planned and unplanned outages, single points of failure, mean time between failures and interruptions, fault tolerance, and redundancy. He then provides an overview of several important high-availability technologies. RAID RAID technology is the most common method to provide data resiliency. With RAID (Redundant Arrays of Independent Disks), data is redundantly stored on multiple disks such that, should one disk fail, the data can still be reconstructed. RAID arrays typically provide a hot-swappable capability so that a failed disk can be replaced without taking down the array. There are several configurations of RAID. Most stripe data across multiple disks to achieve improved performance. Mirrored disks, used by fault-tolerant systems and designated as RAID 1, provide an...
Words: 2470 - Pages: 10