1 NASA IV & V ANNUAL WORKSHOP 202 The 4th International Workshop on Independent Verification & Validation of Software Disaster Recovery Planning Divya Krishnamoorthy Mailam Engineering College, Mailam. (Affiliated to Anna University Chennai, India.)
2 AGENDA Introduction Types of Disasters Principle causes of Disasters Phases of Disasters Computer Disaster Planning Benefits of Computer Disaster Planning Conclusion
3 INTRODUCTION Anything that prevents access to key processes and activities can be defined as a disaster. Disaster recovery is a set of loosely related activities that occur before, during, and after a disastrous event. The ideal disaster recovery process recognizes the possibilities of the situation, and manages the necessary activities so that they are solutions, not additional problems.
4 TYPES OF DISASTERS Disasters that have occurred in similar businesses and companies in the same area may be researched to ascertain the type of threats facing a company. They are, Natural or environmental disasters Technical or mechanical hazards Human Activities or Threads
5 NATURAL OR ENVIRONMENT DISASTERS A natural or environmental disaster could be anything from a fire, flood, earthquake, hurricane, lightning storm or an air crash. The location of the business premises and the local environment needs to be assessed to determine the exact external threats that the company faces.
6 TECHNICAL OR MECHANICAL DISASTERS Technical Disasters includes the computers problems, instrumental failures, industrial disasters, equipments problems, etc Examples of technical threats include viruses, worms, power outages, backup failure, system failure and hacker attacks such as denial of service attacks.
7 HUMAN ACTIVITIES OR THREADS These include accidental and intentional activities. Malicious attacks may originate from hackers, paid professionals, disgruntled employees or organised crime gangs. Unintentional threats may come from employees who accidentally delete or update information. Over dependence on one key person is also a threat to the system.
8 TYPES OF DISASTERS
9 PRINCIPLE CAUSE OF DISASTERS A library or archives disaster is an unexpected event which puts collections at risk. Disasters can be classified into two types. They are as follows Natural Disaster Man-Made Disaster
10 NATURAL DISASTERS Rain and wind storms Floods Biological agents (micro-organisms, insect or vermin infestation) Earthquakes Volcanic eruptions
11 MAN MADE DISASTERS Acts of war and terrorism Fires Water (broken pipes, leaking roofs, blocked drains, fire extinguishing) Explosions Liquid chemical spills Building deficiencies (structure, design, environment, maintenance) Power failures
12 SOME MAJOR EFFECTS OF DISASTERS Regardless of the many forms a disaster may take, the actual damage to collections is usually caused by fire or water. Even when they are not the initial factor, fires and floods almost invariably occur as secondary causes of library and archives disasters.
13 NATURAL DISASTER RATING
14 PHASES OF THE DISASTER The Disaster has four main phases. They are as follows, Prevention Preparedness Response Recovery
15 PHASE : PREVENTION Identify and minimize the risks posed by the building, its equipment and fittings, and the natural hazards of the area. Carry out a building inspection and alter factors which constitute a potential hazard. Establish routine housekeeping and maintenance measures to withstand disaster in buildings and surrounding areas.
16 PHASE : PREVENTION Install automatic fire detection and extinguishing systems, and water-sensing alarms. Take special precautions during unusual periods of increased risk, such as building renovation. Make special arrangements to ensure the safety of library or archival material when exhibited.
17 PHASE : PREVENTION Provide security copies of vital records such as collection inventories, and store these off-site. Protect computers and data through provision of uninterrupted power supply. Have comprehensive insurance for the library or archives, its contents, the cost of salvage operations, and potential replacement, re-binding and restoration of damaged materials.
18 PHASE 2: PREPAREDNESS Develop a written preparedness, response and recovery plan. Keep the plan up-to-date, and test it. Keep together supplies and equipment required in a disaster and maintain them.
19 PHASE 2: PREPAREDNESS Establish and train an in-house disaster response team. Training in : Disaster response techniques Identification and marking on floor-plans and enclosures of irreplaceable and important material for priority salvage.
20 PHASE 2: PREPAREDNESS Prepare and keep an up-to-date set of documentation Distribute the plan and documentation to appropriate locations on- and off-site. Institute procedures to notify appropriate people of the disaster and assemble them rapidly.
21 PHASE 3: RESPONSES Follow established emergency procedures for raising the alarm, evacuating personnel and making the disaster site safe Contact the leader of the disaster response team to direct and brief the trained salvage personnel When permission is given to re-enter the site, make a preliminary assessment of the extent of the damage, and the equipment, supplies and services required.
22 PHASE 3: RESPONSES Stabilize the environment to prevent the growth of mould. Photograph damaged materials for insurance claim purposes. Set up an area for recording and packing material which requires freezing, and an area for air- drying slightly wet material and other minor treatment. Transport water-damaged items to the nearest available freezing facility.
23 PHASE 4: RECOVERY Establish a programme to restore both the disaster site and the damaged materials to a stable and usable condition. Determine priorities for restoration work and seek the advice of a conservator as to the best methods and options, and obtain cost estimates. Develop a phased conservation programme where large quantities of material are involved.
24 PHASE 4: RECOVERY Discard items not worth retaining, and replace or rebind items not justifying special conservation treatment. Contact insurers. Clean and rehabilitate the disaster site. Replace treated material in the refurbished site. Analyse the disaster and improve the plan in the light of experience.
25 COMPUTER DISASTER PLANS To protect vital accounting information from loss, destruction, theft, and other threats, a company should prepare a comprehensive computer contingency plan. The computer contingency plan should have the following component plans: * Emergency * Back-up * Recovery * Test * Maintenance
26 COMPUTER DISASTER PLANS EMERGENCY The emergency plan indicates actions to be taken immediately after a disaster. An important aspect of this plan is the preparation of a contingency organization chart, showing the name of the contingency manager and coordinators. The responsibilities of the contingency manager and contingency coordinators should be explained clearly.
27 COMPUTER DISASTER PLANS BACKUP The second critical aspect of a computer contingency plan is the preparation of a back-up plan. The company should consider the following alternatives: utilization of data processing service bureaus, another company's computers, or a vendor's computers. To ensure a compatible computer is available on short notice, a mutually agreeable contract between the company and the other organization providing back-up facilities should be prepared.
28 COMPUTER DISASTER PLANS RECOVERY The company should assess its ability to restore critical accounting information within an acceptable time period. A competent recovery team is a significant part of any recovery plan. The names, telephone numbers, specific assignments, special or alternative training needs, and other essential information of each team member must be shown on the recovery plan.
29 COMPUTER DISASTER PLANS RECOVERY A section should indicate which recovery team members are responsible for establishing the timetable for the recovery operations and who decides if outside, temporary personnel are needed to complete the recovery on schedule. Also, the recovery plan should include procedures for coping with the non-availability of data processing personnel.
30 COMPUTER DISASTER PLANS TESTING The computer contingency plan must be periodically tested to discover and eliminate problems. Many potential problems can be eliminated by developing a test strategy. The most effective way to determine if the contingency plan works is to conduct simulations of actual disasters. The results of the review should be utilized to identify any flaws in the contingency plan.
31 COMPUTER DISASTER PLANS MAINTENANCE Finally, the company should ensure procedures are devised to keep the contingency plan current. Any necessary changes should be integrated into the documented plan, based on the simulated disasters. A plan of action should be prepared for the implementation of changes to ensure even greater protection from disasters.
32 BENEFITS OF COMPUTER DISASTER PLANS Enables a company to quickly restore its capabilities to process critical accounting information. Provide services and products for its customers efficiently and effectively. Preparation of such a plan forces a company to prioritize accounting applications into critical and non-critical categories. Thus, the company is able to continue processing critical accounting information, ensuring that it will not temporarily nor permanently cease operations.
33 CONCLUSION Although many sources claim a similar methodology for creating a disaster recovery plan, the plan must be heavily customized to the specifics of an organization. This may involve disregarding or combining multiple disaster recovery development phases. The success of a plan depends on its readability just as much as its comprehensiveness. Therefore, it is extremely important that a plan continues to be tested and maintained.
34 ACKNOWLEDGEMENT I would like to thank entire NASA IV & V team members for organizing such a Successful Workshop Also I would like to thank Mrs. Lisa Downs, NASA IV&V Annual Workshop Committee Chair for guiding me and helping me to present this paper in a successful ways.
35 REFERENCES Hazards and Risk Virtual Library - by Impacts - Cultural Heritage Disaster Preparedness and Response Disaster Planning for Libraries and Archives : Understanding the Essential Issues Symantec Corporation Assets, Threats and Vulnerabilities: Discovery and Analysis. A comprehensive approach to Enterprise Risk Management.
Library Disasters Disaster Management: Is your Library ready? By Fe Angela M. Verzosa PLAI-Southern Tagalog Regional Librarians Council, Puerto Princesa City, Palawan, 30 April 2010 95% of disasters result
Disasters natural and man-made and weather patterns all have the potential to damage or destroy records. Basic precautions and the formation of a disaster plan will help prevent the unnecessary loss of
Preservation Education Curriculum Northeast Document Conservation Center class 12 lesson plan Disaster Planning The Lesson Part I: Introduction (20 minutes) A. Short history of disasters/disaster planning
Page 1 of 7 The CPA Journal Online June 1994 Planning for disaster. by Smith, L. Murphy Search Software Personal Help Abstract- The string of natural and man-made disasters that had recently devastated
Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made
Emergency Management Audit For Businesses Sponsor Acknowledgement: This manual is sponsored by NZ Safety Limited and produced for the Ministry of Civil Defence Public Education Advisory Committee by Auckland
Clinic Business Continuity Plan Guidelines Emergency notification contacts: Primary Role Name Address Home phone Mobile/Cell phone Business Continuity Plan Coordinator QSP Business Continuity Plan Coordinator
February 2011 Records disaster preparedness and recovery It will never happen... Disasters are unexpected events with destructive consequences which can be measured by the scale of damage as well as the
10 number 39 // 2-2006 Management of IT Risks Esther Cerdeño Deputy Director of IT MAPFRE REASEGUROS (Spain) The market needs insurers to study the feasibility of insuring costs relating to loss of information;
Business Continuity Planning Donna Curran, Director Audit and Risk Management February, 2014 Agenda Business Continuity Defined The Importance of a Plan Determining the Costs Business Impact Analysis MTO,
Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made
Clinic Business Continuity Plan Guidelines Published: January 2015 Table of Contents Emergency Notification Contacts Primary... 2 Emergency Notification Contacts Backups (in case primary is unavailable)...
Emergency Preparedness for Design Firms RLI Design Professionals Design Professionals Learning Event DPLE 244 September 16, 2015 RLI Design Professionals is a Registered Provider with The American Institute
Preface Computer systems are the core tool of today s business and are vital to every business from the smallest to giant organizations. Money transactions, customer service are just simple examples. Despite
Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble
HOW TO CREATE A VITAL RECORDS PROTECTION PLAN New York State Unified Court System Division of Court Operations Office of Records Management June 2003 TABLE OF CONTENTS Purpose of a Vital Records Protection
I Identify Critical Systems and Vital Records. Vital records are those records that if destroyed, lost, or inaccessible would cause severe difficulty in operating, or would cause probable financial loss.
Appendix E: DEM Record Recovery Plan From DEM Records Management Policy: A Report of the Records Management Policy Working Group, June 9, 2003. Appendix H - Elements of a Record Recovery Plan This material
By: Katie Tucker, Sales Representative, Rolyn Companies, Inc Are you and your facility disaster ready? As reported by the Red Cross, as many as 40 percent of small businesses do not reopen after a major
Top Tips On Disaster Recovery Would you be able to recover if your business suffered a major incident that affected trading? Fires, floods, gas explosions, terrorist attacks, theft and sabotage could all
1 This document contains the text of Secretary of the State regulations concerning Emergency Contingency Model Plan for Elections (Sections 9-174a-1 to 9-174a-34) This document was created by the Office
Emergency Management Business Continuity Template The Regional Municipality of Wood Buffalo would like to give credit to the Calgary Emergency Management Agency (CEMA) and the Calgary Chamber of Commerce
ALLIANCE REFERENCE GUIDE Developing a Disaster Preparedness/ Emergency Response Plan Preparing for disaster is one of the most important things a museum can do in order to safeguard its collections and
Beyond Effective Security The Art and Science of Business Continuity Planning Fred Young, CIPM, CRM Executive Director Risk Management RE/MAX International Holdings, Inc The Wildlife Experience Business
9.1 USE SECURITY AREAS TO PROTECT FACILITIES 1 GOAL Do you use physical methods to prevent unauthorized access to your organization s information and premises? 2 GOAL Do you use physical methods to prevent
Appendix A: Preparedness Checklists 1 Flood Preparedness Checklist The following checklist will help you prepare for how a flood could impact your business and your business continuity and disaster recovery
Disaster Recovery Planning Process By Geoffrey H. Wold Part I of III This is the first of a three-part series that describes the planning process related to disaster recovery. Based on the various considerations
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
Salvage and recovery operations Risktopic Introduction Business recovery planning consists of planning to minimize the anticipated business interruption in the aftermath of a disaster. Assuring the safety
Disaster Recovery Tips for business survival A Guide for businesses looking for disaster recovery November 2005 Page 1 of 9 Introduction The aim of this paper is to highlight the importance of having a
Draft 8/1/05 SYSTEM First Rev. 8/9/05 2 nd Rev. 8/30/05 EMERGENCY OPERATIONS PLAN I. INTRODUCTION A. PURPOSE - The University of Hawaii System Emergency Operations Plan (EOP) provides procedures for managing
FEDERAL OFFICE FOR CIVIL PROTECTION June 1999 PROTECTION FOR HISTORIC ITEMS AT TIMES OF DISASTER Hazard Analysis Precautions (Annexes 1 + 2) Emergency action (Annex 3) Restoration / Reconstruction Identify
The Orange County Farmers Museum Emergency Preparedness Plan TABLE OF CONTENTS Section Page Introduction. 2 1. Coordination with an Emergency Response Agency. 2 2. Policies of the Board 2 3. Procedures
BUSINESS CONTINUITY PLANNING AT THE NATIONAL GALLERY OF AUSTRALIA Erica Persak Thank you for giving me the opportunity to speak on behalf of the National Gallery on the subject of business continuity planning
DM-PH&SD-P7-TG6 رقم النموذج : I. Introduction This Guideline on supports the national platform for disaster risk reduction. It specifies requirements to enable both the public and private sector to develop
How would your business cope if an emergency evacuation was needed and you couldn t return for a week, or it suffered a serious flood? What would you do if a staff syndicate quit their jobs after winning
Disaster Preparedness: The impact of hurricanes, tornadoes, acts of terrorism, and floods are all clear in the minds of everyone today. But, even though we all know what CAN happen, are we prepared? Can
State Records Guidelines No 23 Certification for Places of Deposit of State archives Issued: August 2013 Table of Contents 1 Introduction... 4 1.1 Purpose... 4 1.2 Authority... 4 2 Certification... 4 3
Defense in Depth: Off-Site Storage of Biological Specimens and Biopharmaceuticals 5 4.5 4 3.5 3 2.5 2 1.5 1 0.5 for Risk Mitigation By Bruce C. Simpson, Director of Commercial Operations, Fisher BioServices
Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business
What is a COOP? Continuity of Operations Planning A step by step guide for business A Continuity Of Operations Plan (COOP) is a MANAGEMENT APPROVED set of agreed-to preparations and sufficient procedures
Morton Insurance & Risk Management Business Continuity Planning Services Portfolio Are you prepared for a business emergency? Our business continuity plan and guide will help you create a policy to prepare
Module 2 - Public Health Preparedness Objectives Define a public health emergency List examples of types of public health events and emergencies Overview Protecting the public from health threats involves
Contingency Planning & Disaster Recovery The Role of the Records & Information Manager Katherine Jonelis, BCP/Records Specialist SCF Arizona SCF Arizona SCF Arizona is the leading provider of Arizona workers'
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
1 of 12 DOCUMENT REVISION HISTORY Revision No. Date DESCRIPTION OF CHANGES Pages Affected By 00 01/07/2003 Draft Issued For Comment All HSEQ Dept. 01 01/09/2003 Total Change First Approved Issue All HSEQ
Introduction This Risk Assessment Tool is designed to: - Provide business units with a quick reference to identify obvious risks to their records and recordkeeping systems - Assess additional risks within
Business Continuity and Disaster Recovery Planning 3/16/2011 Lee Goldstein CPCP, MBCI President Business Contingency Group Business Continuity/Disaster Recovery Planning to ensure the continuation/recovery
APPENDIX G-Emergency Response Plan Template BSDW-ERP Template 10/04 EMERGENCY RESPONSE PLAN WATER SECTOR Public Water System Name: PWSID No: Physical Address: City: State: Zip Code: General Phone Number:
disaster recovery and contingency plan RISK MANAGEMENT MADE TO MEASURE INTRODUCTION Contingency planning for business continuity (business continuity management) is defined by the Institute of Business
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: firstname.lastname@example.org BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
University Recordkeeping Manual Part Twelve DISASTER PREPAREDNESS & VITAL RECORDS Archives and Records Management Services June 2006 2001 University of Sydney Part 12 DISASTER PREPAREDNESS & VITAL RECORDS
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster
Vital Records For whom is this guidance intended? This guidance is intended for the University s freedom of information practitioners who are setting up records management systems in their sections. It
Business Continuity Planning Assessment www.cheshirefire.gov.uk Every business is at risk of disruption from a variety of threats, as well as fire, these threats can include flood, loss of power or even
How Disaster Recovery Planning Can Be Leveraged For Electronic Discovery and Litigation Response Digital Discovery and e-evidence John Connell April 1. 2008 Hurricanes, floods, earthquakes, power outages,
Interactive-Network Disaster Recovery BACKGROUND IT systems are vulnerable to a variety of disruptions, ranging from mild (e.g., short-term power outage, disk drive failure) to severe (e.g., terrorism,
AMBULATORY SURGICAL CENTERS STATUTE RULE CRITERIA Current until changed by State Legislature or AHCA Hospitals and Ambulatory Surgical Centers Statutory Reference 3 395.1055 (1)(c), Florida Statutes Rules
KirkpatrickPrice Assessment Guide Designed Exclusively for PRISM International Members KirkpatrickPrice. innovation. integrity. delivered. KirkpatrickPrice Assessment Guide 2 Document Purpose The Assessment
Prepared by Rod Davis, ABCP, MCSA November, 2011 Disaster an event, which causes the loss of an essential service, or part of it, for a length of time which imperils mission achievement. (Andrew Hiles,
Emergency Preparedness 1. Does the institution have a written disaster plan? If yes, when was it first prepared? Who is responsible for implementing and updating the plan? Has it been updated within the
Disaster Recovery Planning Presented by Micky Hogue, CRM Sandia National Laboratories Albuquerque, New Mexico Mlhogue@sandia.gov 1 2 3 If that happened to your business... Would your business be able to
Preparing a Disaster Recovery Plan (Church) In the event of a serious fire, a church may be required to close during the rebuilding period. The rebuilding process can take up to two years or more. Heritage
DISASTER RECOVERY WORKBOOK Office of Court Administration Division of Court Operations Office of Records Management December 2005 DISASTER RECOVERY WORKBOOK TO DESIGN LOCAL PLAN INSTRUCTIONS... 1 Basic
MANAGED WORKSTATIONS: Keeping your IT running What state are your PCs in? Systems running slowly? PCs or laptops crashing for no reason? Too much time trying to resolve simple IT issues? Out-of-date software?
Disaster Recovery Plan to ISO 17799 Introduction A disaster recovery plan attempts to run associated processes to transition smoothly in the event of a natural or human-caused disaster. To plan effectively,
Disclaimer: This material is designed and intended for general informational purposes only, and is not intended, nor shall it be construed or relied upon, as specific legal advice. Roof damage is a leading
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
BRYN MAWR COLLEGE EMERGENCY RESPONSE PLAN Revised 3/17/08 (abridged) This document is a synopsis of the planning and preparation the College has undertaken to handle emergencies in a professional, efficient,
The 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them If your data is important to your business and you cannot afford to have your operations halted for days even weeks due to data loss or
Essential Records Webinar Session 1 Potential Candidates for Essential Records Status Handout 1.3 Handout 1.3 Potential Candidates for Essential Records Status Table 1: Potential Candidates for Essential
SCHEDULE 25 Business Continuity 1. Scope 1.1 This schedule covers TfL s requirements in respect of: any circumstance or event which renders, or which TfL considers likely to render, it necessary or desirable
Continuity of Operations in the Clinical Laboratory Nathan Kendrick, MS, M(ASCP) State Training Coordinator Emergency Preparedness & Response Unit Paula M. (Snippes) Vagnone, MT(ASCP) Microbiology Supervisor
Explanation of Coverage Limits and Options Consumer s Quick Check Guide Dwelling Property Policy There are three Dwelling Policy Forms offered in the State of Florida. This Consumer s Quick Check Guide
Disaster Preparedness Planning Guide for Facilities INTRODUCTION This preparedness planning guide is directed to facility managers and administrators and is intended to provide assistance in meeting the
Massachusetts Institute of Technology Functional Area Recovery Management Team Plan Development Template Public Distribution Version For further information, contact: Jerry Isaacson MIT Information Security
How to Prepare for an Emergency: A Disaster and Business Recovery Plan Chapter 1: Overview of the Disaster and Business Recovery Plan Purpose: To develop and establish a comprehensive Disaster and Business