...Disaster recovery plans allows and gives the opportunity to a business to be able to recoup from any number of disasters, whether it may be a natural disaster or a fault of equipment to include power loss. These plans can be fairly basic with a goal and summary of what is to happen in the event of a disaster, to intensely involved and well spelled out plans that break down the summary, personal, intent, goal, and a timeline of events to follow. While disasters are unforeseen events that a business may never see or have to implement their plan, it allows them to be setup for success if it were to happen and not be doomed for failure in hopes of it not being a possibility. For this report, contact was made with Richmond County in Augusta Georgia to their IT department to discuss their disaster recovery plan. Some organizations are well equipped and have staffed members that specialize and have sole intent on being the disaster recovery planner and implementer. Others may contract out to other businesses to provide support and guidance on the matter. In this case, Richmond County has looked to a company called intelliSystems to provide hands-on assistance in their disaster recovery plan. IntelliSystems is a local company to the area with a mission to help “many businesses rid themselves of technology worries so that they can concentrate on growing their businesses and realizing their goals” (intelliSystems, 2015). They do this by providing key areas of: Microsoft Small Business...
Words: 646 - Pages: 3
...State of Oklahoma Disaster Recovery Plan Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and...
Words: 17396 - Pages: 70
...Disaster Recovery Plan Saphia Christopher Strayer University CIS 462 Dr. Basta An IT disaster recovery plan provides step-by-step procedures for recovering disrupted systems and networks, to help them resume normal operations. The goal of these processes is to minimize any negative impacts to company operations. The IT disaster recovery process identifies critical IT systems and networks; prioritizes their recovery time objective; and delineates the steps needed to restart, reconfigure, and recover them. A comprehensive IT DR plan also includes all the relevant supplier contacts, sources of expertise for recovering disrupted systems and a logical sequence of action steps to take for a smooth recovery (Kirvan, 2009). The following Disaster Recovery Plan has been put together for the mock company which will be named ABC Technologies. The information contained in the DRP is partially real information from my current employer and other parts are made up. This is in response to my current firm’s policy against the dissemination of proprietary information. Information Technology Statement of Intent This document delineates our policies and procedures for technology disaster recovery, as well as our process-level plans for recovering critical technology platforms and the telecommunications infrastructure. This document summarizes our recommended procedures. In the event of an actual emergency situation...
Words: 2966 - Pages: 12
...Section 6. Disaster recovery procedures For any disaster recovery plan, the following three elements should be addressed. Emergency Response Procedures To document the appropriate emergency response to a fire, natural disaster, or any other activity in order to protect lives and limit damage. Backup Operations Procedures To ensure that essential data processing operational tasks can be conducted after the disruption. Recovery Actions Procedures To facilitate the rapid restoration of a data processing system following a disaster. Disaster action checklist 1. Plan Initiation a. Notify senior management b. Contact and set up disaster recovery team c. Determine degree of disaster d. Implement proper application recovery plan dependent on extent of disaster (see Section 7. Recovery plan--mobile site) e. Monitor progress f. Contact backup site and establish schedules g. Contact all other necessary personnel--both user and data processing h. Contact vendors--both hardware and software i. Notify users of the disruption of service 2. Follow-Up Checklist j. List teams and tasks of each k. Obtain emergency cash and set up transportation to and from backup site, if necessary l. Set up living quarters, if necessary m. Set up eating establishments, as required n. List all personnel and their telephone numbers o. Establish user participation plan p. Set up the delivery...
Words: 495 - Pages: 2
...Associate Level Material Appendix D Disaster Recovery Plan Student Name: Enter Your Name Here UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: Enter Your Instructor's Name Here Date: Enter the date here 1. Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. 1.1. Risk Assessment 1.1.1. Critical business processes List the mission-critical business systems and services that must be protected by the DRP. No business wants to face the horror of a disaster, be it from mother nature, external threats, or other catastrophes, but will a well crafted disaster recovery plan, the firm may sustain minimal damage. In preparing for disaster, the planning committee should prepare risk analysis and should be analyzed to determine the potential consequence and impact of several disaster scenarios. The critical needs of each department within Sunica Music and Movies will include functional operations, key personnel, information, processing systems, service, documentation, vital records, and policies and procedures. Processing and operations should be analyzed to determine the maximum amount of time that the department and organization can operate without each critical system. 1.1.2. Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to...
Words: 860 - Pages: 4
...Beals Jr. 2010 Axia College IT/224 Intro to IT Security Disaster Recovery Plan: Risk Assessment: There are many risk that assessments that come into play when it comes to a business, in this cases our risk assessments are centered around the protection of our systems such as; human resources system, interior design system, exterior design system, customer privacy system, and our back-up system. Internal, external, and environmental risks: There are many risks that come with any type of business, it is up to the owners to identify these risks and deal with them in the appropriate way. With any business there will be some type of problem such as loss of business, which is a result of customers not using our services; the more customers that we lose would result in more money spent and less money made hence the loss of assets. There is also the case of fires; no company is completely safe from the threat of fires and depending on the type of fire, and because of this there could be some type of loss of life. This is also possible when there are bad weather, earthquakes, or terrorists attacks. Disaster Recovery Strategy: Of the different types of strategies talked about I think the best way to go in my situation and the business that I am conducting would be a warm site. A warm site is like a mediator between hot and cold sites and would provide the advantages of both sites in the different ways. Disaster Recovery test Plan: Walk-through: Each member or client will have...
Words: 470 - Pages: 2
...Disaster Recovery Plan Company Overview Strategic Business Solutions is a Veteran-owned small business with less than fifty employees and the business goal is to continue specializing in Information Technology (IT), project management, and business development solutions. Our main projects involve Internet-based E-commerce solutions. The following diagram depicts our current network, which is PCI compliant and can handle high-traffic websites: Risk Assessment Critical business processes Disruption of an information resource is not a disaster in itself, unless it is related to a critical business process, for example, an organization losing its revenue generating business process due to an information system failure. Other examples of potential critical business processes may include: * Production of finished goods * Advertising of the organization’s product(s) to be sold * Selling of the enterprise’s products or services * Receiving payments * Dispatching of finished goods * Provision of final services * Legal and regulatory compliance * Safeguarding of private and confidential data and other Information assets * Logistics services in the organization * Paying the employees Internal, external, and environmental risks Although all forms of corporate risks and potential damage can’t be avoided, but a realistic objective is to ensure the survival of the organization by establishing a culture that will identify and manage...
Words: 1568 - Pages: 7
...Disaster Recovery Plan: A Brief Overview IT244 Axia Online College of University of Phoenix This following paper will highlight a brief overview of a DRP, covering the purpose of a DRP, key elements of a DRP, methods to test a DRP, and why testing should be done on a DRP. The main function or purpose of a DRP is to basically help identify a logical plan to recover from a disaster. Such as in any business, especially dealing with information technology, a DRP can help a business or company continue to run smoothly, with minimum disruption to normal operations. Every DRP is created differently and key elements that make a DRP may differentiate. To give an example onto what kind of key elements are found in a DRP; according to the information shown by the University of Arkansas, Fayetteville Department of Computing Services website, DRP can contain the following key elements: 1. General Information About The Plan 2. Disaster Planning 3. Initiation of Emergency Procedures 4. Initiation of Recovery Procedures 5. Maintaining the Plan A DRP cannot be fully realized or put into action unless a testing of the DRP can be done. The testing basically helps find any weak areas in the DRP so planner can improve in those areas. According to Mark S. Merkow and Jim Breithaupt authors of Information Security: Principles and Practices there are five methods to test a DRP and they are as follow: 1. Walk-through: Members...
Words: 583 - Pages: 3
...Considering the recent attack it is imperative for Gem Infosys to have a plan in place for incident-response / operational readiness in the event of an info security breach. This policy is to coincide with our current group and policies and procedures while expanding on how Gem Infosys will develop an incident-response team (interchangeably IRT), disaster recovery process (interchangeably DRP)and business-continuity plan (interchangeably BCP). The goal is for this to be considered a blueprint / foundation in the event Gem Infosys must deploy resources out in the event of an incident and even more importantly the steps and procedures so that down time is at a near zero time during such security risk. Even though “It takes the enterprise some time to assess the exact effects of the disaster” (Disaster Recovery: Best Practices, 2008). Gem Infosys’ is a small software company with a smaller computing environment currently consist of 10 pc’s, and 6 servers that range from file servers, web servers, and AD servers. At present there is a firewall protecting the network but from running an analysis of response time after the recent attack it took responders 6 hours to realize the breach, 24 hours to determine all the components that have been breached and an additional 24 hours to resolve the issue. This length of response time resulted in Gem Infosys networks being down for 48 complete hours (2 business days). This downtime resulted in great corporate loss and was quite costly...
Words: 987 - Pages: 4
...Introduction Disasters can occur at any time and more often than not they happen all of a sudden which leads to unexpected interruptions in the services offered by the businesses. At the point when a crisis strikes, our prompt security and recovery will rely upon the current levels of readiness among workforce, staff and other stakeholders. It is highly critical that all organizations frame an effective disaster recovery plan and allocate an estimated number of human and financial resources to ensure continuity of business at the time of emergencies and disasters. While it is extremely challenging for small businesses because of limited resources, it is reasonably difficult even for the large organizations. Definition A disaster recovery...
Words: 1166 - Pages: 5
...DRP / ECP Disaster Recovery Plan Enterprise Continuity Plan This presentation will explore the different parts and pieces necessary for a successful Disaster Recovery Plan / Enterprise Continuity Plan. More specifically, this presentation will provide information needed to garner and bolster support for such a plan from the university’s executive team. A well prepared, maintained and rehearsed recovery and/or continuity plan should have the ability to keep the university up and running throughout any type of disruptive event. DRP/ECP Team Members & Roles ● ● ● ● ● ● ● ● ● ● Crisis Management Team Administrative Support Team Damage Assessment Team Recovery Coordination Team Corporate Communications Team Human Resources Support Team Site Restoration Team Transportation Support Team System Restoration Team Voice Recovery Team and End-User Tech Support Team The Crisis Management Team should be a cohort of upper level management that will be responsible for all significant decision making in response to the current event. Only specific members of the Crisis Management team should be authorized to declare an emergency and decide on the appropriate action. Key responsibilities of this group include: analyzation of preliminary reports, disaster declaration, determination of appropriate response, activation of contingency plans and notification of team leaders (Hiles, 2010). The Administrative Support Team includes representatives from all major departments who can provide...
Words: 2423 - Pages: 10
...Associate Level Material Appendix D Disaster Recovery Plan Student Name: Casey DeCesare University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Scott Sabo Date: 4/27/14 Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. 1 Risk Assessment 1 Critical business processes List the mission-critical business systems and services that must be protected by the DRP. The mission-critical business systems and services that must be protected by this DRP are: Payroll, Human Resource Data, POS backup media, and Web Servers and their services. 2 Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to affect the business and result in loss of the facility, loss of life, or loss of assets. Threats could include weather, fire or chemical, earth movement, structural failure, energy, biological, or human. Examples of internal risks that may affect business are unauthorized access by individuals who are employed by the company, and those who aren’t employed by the company but still have access to individual store’s computer systems, applications, or areas where the servers and backup media are located. Other external and environmental...
Words: 638 - Pages: 3
...Institution 1) With respect to disaster recovery - describe the difference between hot, warm, and cold recovery sites. Cold recovery sites This is an appropriately configured room or space in a building with no server-related equipment pre-installed. It provides power, cooling and office which is used in case of an outage or disaster in the main work site. The staff moves to this site when a disaster is declared. It does not include any backed up copies of the data and information from the main or original work site location. For this reason it is considered the most inexpensive backup as there is minimal start-up cost. However, it takes more time to have it running at a capacity almost the same or the same as that of the original site before the disaster. For the service to be restored, the last backups from the off-site storage locations must be delivered and a few hardware components set up before recovery can start. Hot recovery site This is an exact copy of the main work site of the organization or the datacenter, it is actually said to mirror the original site. It is equipped with full computers and complete backups for the user data. There also servers, cooling systems power and an office space (if needed). Using a wide area network and specialized software, the site is run concurrently with the original site to provide an immediate failover system in case of a disaster. It takes the organization few hours or less to recover from a disaster with minimal losses. An organization...
Words: 693 - Pages: 3
...Study of Designing a Self-Service Disaster Recovery Plan 1.0 Issues regarding disaster recovery plan (DRP) Disaster recovery plan (DRP) is a clearly defined and documented plan of action for use at the time of a crisis. Typically a plan will cover all the key personnel, resources, services and actions required to implement and manage the DR process (comission, 2014). A large US public power provider, with millions of residential and business customers, needed to rethink its disaster recovery program. Due to budget constraints, the utility’s data recovery program had not been updated or tested for several years. Under the existing program, systems recovery could take up to 20 days—an unacceptable timeframe for a utility relied upon by numerous states for critical infrastructure services. Moreover, the utility was grappling with internal audit findings pertaining to unresolved disaster recovery deficiencies, which attracted the attention of board members. The board suggested that the utility modernize its disaster recovery program and keep it up to date. A Disaster Recovery Plan is designed to ensure the continuation of vital business processes in the event that a disaster occurs. The September 11, 2001 attacks on the World Trade Center has trigger the urgent of the DRP (Krocker, 2002). 1.1 Reason for a self-service disaster recovery plan 1.1.1. Ease of Getting Started Deploying and managing a traditional disaster recovery plan can be complex and require...
Words: 1084 - Pages: 5
...various Business Continuity & Disaster Recovery Planning models. Information is a vital resource to modern companies. The loss of that information can throw a company into chaos and even be the end of it. For these reasons, businesses go to great lengths to ensure that the information they store and rely on will always be safe and available. Unfortunately despite these best efforts, disaster can still strike and the few hours of days after such an event may be crucial to the long term survival of the company. This is why businesses must be able to recover quickly from natural and man-made disasters. Business Continuity & Disaster Recovery covers how companies should act in the hours and days after a disruptive event. “What is Business Continuity and Disaster Recovery” describes disaster recovery as “...specific steps taken to resume operations in the aftermath of a catastrophic natural disaster or national emergency.” They go to give examples of such steps to include restoring servers and data connections, egress, employee muster, etc. Business Continuity is described as a the steps a company takes to ensure its information systems don't go down during a disaster (What is Business Continuity and Disaster Recovery). This may include the location of hot or cold sites as well as procedures for relocating to them. Disaster Recovery plans may also focus on preventive measures such as smoke alarms and fire drills (Smith, C., n.d.). Business recovery plans may cover loans and insurance...
Words: 399 - Pages: 2