Information Technology Services (ITS)
|
|
- Jonas Richard
- 8 years ago
- Views:
Transcription
1 Information Technology Services (ITS) Disaster Recovery Plan Version 2.11
2 DOCUMENT VERSION CONTROL Version Date Description/Notes Author/s V /06/2014 New plan based on updated Standby plan. V /03/2015 Updated CMT roles to align with CIMS roles. V /11/2015 Minor corrections and update to location of plan Craig Collis Jonathan Godfrey Jonathan Godfrey FOREWORD The design of this Disaster Recovery Plan (DRP), technical analysis and advice included is the proprietary information of Standby Consulting Ltd (Standby TM ) and is confidential to Standby and Massey University (Massey). Standby has prepared the DRP exclusively for use in connection with the ITS operations of Massey, who shall not disclose or release the plan to any third party without the prior consent of Standby. Notwithstanding the foregoing, Massey remains the owner of the applications, schematics and corporate information set out in the plan and shall not be constrained from dealing with such material as it thinks fit. This version of the DRP has been significantly modified by Massey University, and is based on the DRP supplied by Standby Consulting Ltd in The Standby DRP is a much lengthier document and is appended for reference. DISCLAIMER This plan is based on information supplied to Standby by Massey. Standby shall accept no liability for losses occurring by reason of errors or omissions in the information supplied. Care has been taken to ensure that the procedures set out in this manual represent best practice in business continuity at the time of writing. However, because of the unpredictability and diversity of events that may cause a disaster, there is no guarantee that this plan will cover every situation. The plan needs to be reviewed regularly and updated to take into account changes and developments. Standby accept no responsibility for losses arising by reason of the failure by Massey to carry out regular reviews and where necessary updates of the manual. 2
3 TABLE OF CONTENTS DOCUMENT VERSION CONTROL 2 FOREWORD 2 DISCLAIMER 2 DISASTER RECOVERY PLAN 4 Definition of a Disaster 4 Scope of the Disaster Recovery Plan 4 Location of Disaster Recovery Plan 5 Disaster Recovery Capability Overview 6 Meeting Location 8 Disaster Recovery Process 8 Crisis Management Team 12
4 DISASTER RECOVERY PLAN This Disaster Recovery Plan (DRP) documents the actions that Information Technology Services (ITS) will take following a disaster that affects core University IT services. DEFINITION OF A DISASTER A Disaster is defined as any significant event that impacts IT services sufficiently that the core business activities of the University cannot continue. The declaration of a disaster is a deliberate, conscious decision which will result in the initiation of this DRP. Once a disaster is declared, the response to and recovery from the situation will be managed via the structures and processes outlined in this document. There are three levels of disaster which can potentially affect IT services: 1. No Damage: All IT facilities and services are operating as normal, however there has been a disaster which impacts ITS ability to continue operating services fully, e.g. pandemic, lack of access to ITS workspaces, etc. 2. Logical Damage: There has been no physical damage or change to IT facilities or systems, but the data or system environments have been impacted, e.g. virus outbreak, malicious action, accidental deletion, unexpected data corruption, etc. 3. Physical Damage: IT facilities or equipment have been physically damaged, e.g. fire, earthquake, explosion. This DRP is intended to cover all of these scenarios. SCOPE OF THE DISASTER RECOVERY PLAN This Disaster Recovery Plan is intended to: Outline the capabilities in place to recover from a disaster. Describe the process to be followed to carry out the recovery of services. Outline the roles and responsibilities of various staff and governing bodies in the event of a disaster. This Disaster Recovery Plan is not intended to: Describe the process for managing the incident itself. Act as a repository for all technical and process documentation associated with disaster recovery systems. Act as a Business Continuity Plan for the ongoing long-term activities of the ITS department itself. The focus of the DRP and IT disaster systems is the resolution of core business services within an acceptable timeframe. The current Restore Time Objective (RTO) required by the University for all core services is 72 hours, with a Restore Point Objective (RPO) of 30 minutes. The core services included within that scope are as follows: Core Services Stream File service Print service 4
5 service Building Management system (BMS) Student Management system (SMS) Finance system (Technology1, FlexiPurchase, KoFax Payroll system (PSE) Timetabling system (FCMIS) Application licensing service Knowledgebase service Research Information Management system (RIMS) ITS Service Desk system (Marval) There are several other documents which should be used in conjunction with this DRP. These are: The ITS Incident Response Plan The ITS Business Continuity Plan The University Emergency Response Plan Disaster Recovery, system, and application documentation LOCATION OF DISASTER RECOVERY PLAN The soft copy of this plan will be held at hosted at the Albany National Data Centre. Hard copies of the Plan are located at the data centre on each campus. The following individuals will hold hard copies of the plan, as well as a soft copy on their individual cell phone: Copy Name Title 1 Clive Martis CIO 2 Mareen Watts Associate Director Service Delivery 3 Alistair James Associate Director Planning & Transformation 4 Harry Faas Associate Director Business Systems Support 5 Jodie Banner University Risk Manager 6 Barbie Yerkovich Albany Service Manager 7 Kevin Reynolds Wellington Service Manager 8 Jonathan Godfrey IT Continuity and Facilities Manager 5
6 DISASTER RECOVERY CAPABILITY OVERVIEW The ITS Data Centre in Turitea is the prime data centre in which most applications run and data is stored. Data and images of the servers and systems are replicated to Albany. The Albany Campus is also a prime site with similar equipment to Turitea. Data from Turitea is stored in the Rittal modular data centre (MDC), which is the main data centre at Albany. Data generated in Albany is replicated to the Turitea Data Centre. The Wellington Data Centre replicates its data to Turitea. In the event of a disaster, systems can be activated in Albany and all campuses will run from Albany. In the event of a disaster at Albany all services will run from Turitea. If Wellington fails, services will continue to be provided by Turitea. The initiation of all of these recovery mechanisms can be carried out remotely at Turitea or Albany. This Disaster Recovery capability has been designed to recover services from a single major incident. For example, should the Turitea data centre fail services will then run from Albany. Should Albany also fail there is no further fail over or recovery capability. In some instances the services may be able to tolerate more than a single incident, but this has not been specifically incorporated into their design. 6
7 7
8 MEETING LOCATION An initial meeting should be conducted without delay as the situation will need urgent review and the Disaster Recovery process initiated. The primary space for all meetings associated with the situation will be room 1.29, the large meeting space on Level 1 of the Turitea ITS building, inside the main doors. If this room is not available, or more than one meeting space is required, the secondary meeting space will be Room TA 2.14, in the Te Ara building on the Hokowhitu campus. Location Location 1 Location 2 Description Main Meeting room, first floor (1.29) ITS Building, Turitea Room TA2.14 Te Ara Building Hokowhitu Campus ITS Department DISASTER RECOVERY PROCESS The following process outlines the high-level steps to be taken in the event of a disaster. While this process describes a best-practice approach to the management of the recovery it is likely to be modified as necessary within the context of a particular scenario. PROCESS STEPS 1. Event An event occurs which results in a significant disruption to IT services. 2. Discovery The event is discovered and reported to the relevant points of contact. This may be through automated alerting and/or reporting by users 3. Decision Point: is the ITS building safe and fit for occupation? If so, ITS staff and the Crisis Management Team can be located in the building. If not, the Crisis Management Team decamps to Location 2, and accommodation arrangements are made for non-essential ITS personnel. 4. Triage An initial assessment of the cause, impact and severity of the event must be made. This involves gathering enough information to allow an informed decision as to whether or not the situation warrants the declaration of a disaster. 5. Decision Point: declare a disaster? The decision to declare a disaster is a formal step taken by the Incident Manager in consultation with relevant staff. Not all significant service disruptions require the formal declaration of a disaster and implementation of this DR plan. The decision to declare a disaster should be made in collaboration with the CIO and senior university stakeholders. Guidelines for the appropriate declaration of a disaster are as follows: a. Where IT services are disrupted to a point that will cause the University to close, or significantly enough that financial and/or reputational damage will be caused. 8
9 b. Where the University s key Teaching, Learning, Research and Administrative functions are unable to continue at a satisfactory level. c. Where the situation requires the dedicated attention of a large group of people. d. Where the management of the situation requires specialist roles to be appointed for the duration of the outage, e.g. convening the Crisis Management Team. 6. Disaster not declared: service restoration If a disaster is not declared, the individual restoration of a service or services begins. In this situation the formal activation of the Disaster Recovery Plan is not required, and services can be restored using standard recovery methods without invoking a failover of services to Albany. 7. Disaster declared: activate the Disaster Recovery Plan. 8. Investigation When a disaster is declared a more extensive investigation of the situation and potential recovery scenarios must occur. This builds on the initial information gathered during the triage step. 9. Develop the Recovery Action Plan The Recovery Action Plan is a critical document which is constructed once sufficient information is known. It outlines the intended steps to manage the situation and recover from the disaster. This plan will form the basis of all activities from this point, but is likely to evolve and be modified as further information comes to light and circumstances change. 10. Decision Point: Failover to Albany? Once sufficient information is available a decision needs to be made as to whether or not to failover core services to the Albany data centre. Again, this is a formal decision and is made in collaboration with the CIO and senior university leaders, based on the recommendations of the Crisis Management Team. The declaration of a disaster does not necessarily require a decision to fail over to Albany (it may be possible to recover services without failover) but a fail over should never occur without a disaster first having been declared and this DRP enacted. In making a decision to fail over, the following points need to be considered: a. When failing over to Albany, services will then continue to run from Albany for a period of several months. There is no easy method to fail back to Turitea and this step has not been incorporated into disaster recovery planning. b. Whilst core services can be restored at Albany, non-core services will only be restored after all core services are operational. Non-core services are likely to be restored outside of the 72 hour RTO timeframe. c. Non-core services are not replicated to Albany with the same frequency as core services. Therefore a decision to fail over to Albany may result in a greater data loss for non-core services. d. Some services cannot be easily failed over to Albany. There are proprietary and specialist systems running in the Turitea data centre which cannot be replicated to Albany (e.g. systems still running on physical server hardware). In the event of a fail over these systems will remain inoperable until such time as they can be rebuilt at Albany. 11. Restore Services at Turitea: Where the decision is made to restore core services at Turitea, a fail over to Albany is not required. Some aspects of the DR capability (e.g. data snapshots, redundant components) may be utilised to achieve the recovery, but the intention is to restore services at the Turitea data centre within 72 hours. The 9
10 management structures and processes outlined in this DRP will still be in effect, as a disaster has been declared. 12. Restore Core Services at Albany: Where the decision is made to fail over to Albany the focus is on restoring core services within 72 hours. This is achieved by initiating Site Recovery Manager to stand up core services at Albany. 13. Restore Other Services: Only once all core services have been recovered can noncore services be restored. As some of these services will not have been replicated to Albany it may be necessary to arrange for them to be moved from Turitea, or to install additional capacity at Albany to allow the services to be re-established there. 14. Close Disaster: Once services have been restored the disaster can be formally closed. Control of the situation and any ongoing activities associated with the disaster would then revert to the normal operational management structures of ITS and the Crisis Management Team would be disbanded. 15. Plan Failback: After the closure of the disaster planning must take place to migrate services back to the Turitea data centre (if a fail over to Albany has occurred). This is a substantial activity which will require reconfiguration of equipment and systems, and may not occur for some months after services have been restored. These recovery process steps are summarised in the following flow chart: 10
11 1. Event 2. Discovery and Alerting 3. ITS Building Usable? No 4. Decamp to alternate location Yes 5. Triage: Gather info and assess situation No 7. Initiate Service Restoration 6. Declare Disaster? Yes 8. Enact Disaster Recovery Plan 9. Investigation 10. Develop Recovery Action Plan No 11. Failover to Albany? Yes 12. Restore Services at Turitea 13. Restore Core Services at Albany 15. Close Disaster 14. Restore Other Services 15. Close Disaster 16. Plan Failback 11
12 CRISIS MANAGEMENT TEAM The Crisis Management Team (CMT) is the primary organisational structure responsible for determining the response to a disaster and managing the restoration of services. The CMT is based on a set of roles created expressly for the management of an emergency, and which are different to business as usual roles. This is because roles in the CMT should be filled by people with the appropriate competencies, experience and personal attributes rather than being based on their BAU role. This also provides for a greater depth of contingency, should the primary person filling a Team role be unavailable. Incident Manager The Incident Manager holds overall responsibility for managing the disaster response, is in charge during an incident, and has authority to act. This person leads and controls the activities of the Crisis Management Team and subsidiary groups. Assess the overall situation. Assume control of all disaster recovery activities. Lead the decision to declare a disaster or not. Allocate roles to staff, including the rest of the Crisis Management Team Activate the Disaster Recovery Plan. Determine priorities for responding to the situation. Initiate the development of the Recovery Action Plan. Provide a focal point for decision making. Report to the ITS Executive. Information Officer Communication of the situation, the ongoing response, and the likely recovery of services, is one of the most critical activities in a disaster. The Information Officer is responsible for keeping all stakeholders up to date with the status of the disaster and recovery. This will include structured communications to the internal ITS teams, and external communications to the wider University and public via the External Relations office. Ensure all relevant information is communicated consistently both internally and externally. Develop and implement a communications plan to ensure regular updates. Inform and liaise with University External Relations. Provide regular updates to internal staff and external communications channels. (e.g. Service Desk, External Relations). Ensure emergency communications channels are operational (e.g. remote web site). Coordinate all formal communications regarding the situation. Document Officer The Document Officer is responsible for recording all discussions and decision points related to the disaster and recovery, as well as documenting the remedial actions (both planned and unplanned) as they are taken. Documentation will include meeting minutes, technical documentation, and photographs of affected areas and equipment. Record all meetings and discussions associated with the situation. Author the Recovery Action Plan based on discussions and decisions made by the CMT. 12
13 Ensure that any changes made to systems or environments as a result of restoration activities are documented and that existing technical documentation is updated. In the event of a disaster which results in physical damage to equipment or facilities, photograph this damage for documentation purposes. Staff Safety and Welfare Officer In a disaster situation it is essential to actively monitor and manage the welfare of the staff involved. The Staff Safety and Welfare Officer is responsible for ensuring the safety of staff at all times during the recovery. This will include physical safety in hazardous situations, as well as ensuring staff welfare is carefully managed (e.g. adequate rest breaks, food, stress management). Ensure that all physical locations are safe for staff occupation. Monitor staff stress and workload levels to ensure that any issues are identified and dealt with. Ensure that staff take regular breaks, and that where necessary they are rostered in shifts to continue critical work. Ensure that food, accommodation and other requirements are in place to enable staff to focus on the recovery of services. Alert the Incident Manager to any developing issues regarding staff welfare or safety, and ensure that these are dealt with. Operations Manager The Operations Manager is responsible for carrying out the activities described in the Recovery Action Plan. This person co-ordinates the activities of the technical teams that will be involved in the restoration of services. The technical teams will be assembled, as appropriate, from the areas of systems infrastructure, network infrastructure, business applications, desktop delivery, security, and IT facilities. The teams themselves will be led by people who are capable of representing their relevant technical areas during planning discussions, and can ensure that the actions identified in the Recovery Action Plan are carried out. Provide specialist advice to the CMT when making decisions regarding the management of the situation and construction of the Recovery Action Plan. Direct and manage the teams which will be actively engaged in carrying out the restoration of services, including external resources. Logistics Manager The Logistics Manager is responsible for procuring and arranging all facilities, equipment, materials, services, and resources required to carry out the restoration of services. This person is responsible for all aspects of ordering, obtaining and managing materials, equipment, licenses and physical locations. The Logistics Manager must have financial authority to carry out these duties. Procure all items of equipment, facilities, software, consumables and other material required by staff to carry out the recovery. Record procurement activity for later reconciliation. Ensure that any damaged equipment or material is catalogued and recorded for future insurance claims or disposal. Liaise directly with external vendors to expedite the rapid procurement of essential items. 13
14 Planning Manager The Planning Manager is responsible for gathering, analysing and publishing information about the event. This person leads the task of preparing and documenting the Recovery Action Plan, including the activities that will be undertaken, the order they will be done in, the period of time they will take, and the resources required. Provide detailed information to the CMT regarding the nature of the disaster. Carry out investigations into possible recovery options, and provide the CMT with time, impact and cost estimates to carry these out. 14
Information Technology Services Information Security Incident Response Plan
Information Technology Services Information Security Incident Response Plan Authors: Peter Hamilton Security Manager Craig Collis Head of Risk, Quality and Continuity Date:1/04/2014 Version:1.3 Status:Final
More informationDesktop Scenario Self Assessment Exercise Page 1
Page 1 Neil Jarvis Head of IT Security & IT Risk DHL Page 2 From reputation to data loss - how important is business continuity? Neil Jarvis Head of IT Security (EMEA) DHL Logistics IT Security Taking
More informationAppendix 6c. Final Internal Audit Report Disaster Recovery Planning. June 2007. Report 6c Page 1 of 15
Appendix 6c Final Internal Audit Report Disaster Recovery Planning June 2007 Report 6c Page 1 of 15 Contents Page Executive Summary 3 Observations and Recommendations 8 Appendix 1 - Audit Framework 13
More informationDisaster Recovery Policy
Disaster Recovery Policy INTRODUCTION This policy provides a framework for the ongoing process of planning, developing and implementing disaster recovery management for IT Services at UCD. A disaster is
More informationThe University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1
Version 3.1 November 22, 2004 TABLE OF CONTENTS PART 1: DISASTER RECOVERY EXPECTATIONS... 3 OVERVIEW...3 EXPECTATIONS PRIOR TO AN INCIDENT OCCURRENCE...3 EXPECTATIONS PRIOR TO A DISASTER OCCURRENCE...4
More informationDisaster Recovery Solutions for Oracle Database Standard Edition RAC. A Dbvisit White Paper
Disaster Recovery Solutions for Oracle Database Standard Edition RAC A Dbvisit White Paper Copyright 2011-2012 Dbvisit Software Limited. All Rights Reserved v2, Mar 2012 Contents Executive Summary... 1
More informationEmergency Response and Business Continuity Management Policy
Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated
More informationSuccess or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper
Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an
More informationIT Disaster Recovery Plan Template
HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned
More informationDisaster Recovery Plan Documentation for Agencies Instructions
California Office of Information Security Disaster Recovery Plan Documentation for Agencies Instructions () November 2009 SCOPE AND PURPOSE The requirements included in this document are applicable to
More informationUnit Guide to Business Continuity/Resumption Planning
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
More informationOhio Supercomputer Center
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More informationAbhi Rathinavelu Foster School of Business
Abhi Rathinavelu Foster School of Business What is Disaster? A disaster is considered any incident or event that results in a major interruption of business operations Major: Earthquake >5.0, Volcanic
More informationApplication / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis
Application / Hardware - Business Impact Analysis Template The single most important thing we can do is help you understand the criticality of each application, supporting hardware/server/pc and the required
More informationPost-Class Quiz: Business Continuity & Disaster Recovery Planning Domain
1. What is the most common planned performance duration for a continuity of operations plan (COOP)? A. 30 days B. 60 days C. 90 days D. It depends on the severity of a disaster. 2. What is the business
More informationHow To Manage A Disruption Event
BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationTechnology Recovery Plan Instructions
State of California California Information Security Office Technology Recovery Plan Instructions SIMM 5325-A (Formerly SIMM 65A) September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF
More informationESCB definitions of major business continuity terms in relation to payment and securities settlement systems 1
ESCB definitions of major business continuity terms in relation to payment and securities settlement systems 1 June 2007 The ESCB has developed a glossary of major business continuity terms for market
More informationICT Contingency Plan Top Level Plan
ICT Contingency Plan Top Level Plan - 1 - Document Control Information Title: ICT Contingency Plan: Top Level Plan Date: June 2013 Version: 3.0 Authors: John Redeyoff (NCC) Contents by Neil Dudleston /
More informationTable of Contents... 1
... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...
More informationCompany Management System. Business Continuity in SIA
Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT
More information<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP
IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement
More informationWhite Paper: Cloud Solutions for Continuity
White Paper: Cloud Solutions for Continuity 2014, igroup ltd. All rights reserved. INTELLECTUAL PROPERTY DISCLAIMER This white paper is for informational purposes only and is provided as is with no warranties
More informationClinic Business Continuity Plan Guidelines
Clinic Business Continuity Plan Guidelines Published: January 2015 Table of Contents Emergency Notification Contacts Primary... 2 Emergency Notification Contacts Backups (in case primary is unavailable)...
More informationWhy Should Companies Take a Closer Look at Business Continuity Planning?
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
More informationCode Subsidiary Document No. 0007: Business Continuity Management. September 2015
Code Subsidiary Document No. 0007: September 2015 Change History Version Number Date of Issue Reason For Change Change Control Reference Sections Affected 20150511 11 May 2015 For industry consultation
More informationCLOUD SERVICE SCHEDULE
CLOUD SERVICE SCHEDULE 1 DEFINITIONS Defined terms in the Standard Terms and Conditions have the same meaning in this Service Schedule unless expressed to the contrary. In this Service Schedule, unless
More informationG-Cloud 6 Service Definition DCG Cloud Disaster Recovery Service
G-Cloud 6 Service Definition DCG Cloud Disaster Recovery Service 1 of 19 CONTACT INFORMATION Guy Silver T: 07733 008799 E: guy.silver@dcggroup.com W: www.dcggroup.com Data Continuity Group Limited, Bridge
More informationHow Routine Data Center Operations Put Your HA/DR Plans at Risk
How Routine Data Center Operations Put Your HA/DR Plans at Risk Protect your business by closing gaps in your disaster recovery infrastructure Things alter for the worse spontaneously, if they be not altered
More informationSCHEDULE 25. Business Continuity
SCHEDULE 25 Business Continuity 1. Scope 1.1 This schedule covers TfL s requirements in respect of: any circumstance or event which renders, or which TfL considers likely to render, it necessary or desirable
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationBUSINESS CONTINUITY PLAN
Business Logo Here BUSINESS CONTINUITY PLAN FOR SMALL TO MEDIUM SIZED BUSINESSES DATE :??? VERSION:?? PRODUCED BY DURHAM CIVIL CONTINGENCIES UNIT BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...4
More informationSUBJECT: REPLACEMENT OF CORPORATE ELECTRONIC DATA STORAGE, BACKUP AND DISASTER RECOVERY SOLUTIONS
REPORT TO CABINET TO BE HELD ON 15 SEPTEMBER 2015 Key Decision No Forward Plan Ref No 23K Corporate Priority The proposals in this report contribute to the delivery of all the Council s priorities Cabinet
More informationBusiness Continuity Planning
Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why
More informationFlinders University IT Disaster Recovery Framework
Flinders University IT Disaster Recovery Framework Establishment: Flinders University, 1 August 2013 Last Amended: Manager, ITS Security Services, 4 October 2013 Nature of Amendment: Initial release Date
More informationOverview TECHIS60851. Manage information security business resilience activities
Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,
More informationITIL 2011 Lifecycle Roles and Responsibilities UXC Consulting
ITIL 2011 Lifecycle Roles and Responsibilities UXC Consulting Date November 2011 Company UXC Consulting Version Version 1.5 Contact info@uxcconsulting.com.au http://www.uxcconsulting.com.au This summary
More informationDISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS
Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble
More informationcourtesy of F5 NETWORKS New Technologies For Disaster Recovery/Business Continuity overview f5 networks P
courtesy of F5 NETWORKS New Technologies For Disaster Recovery/Business Continuity overview Business Continuity, Disaster Recovery and Data Center Consolidation IT managers today must be ready for the
More informationTaking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment
Taking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment John Linse Director of Business Continuity Services, EMC 1 Setting the Stage Taking a Proactive
More informationHow to Design and Implement a Successful Disaster Recovery Plan
How to Design and Implement a Successful Disaster Recovery Plan Feb. 21 ASA Office-Administrative Section is Sponsored by Today s ASAPro Webinar is Brought to You by the How to Ask a Question Questions
More informationBusiness Continuity Business Impact Analysis arrangements
Aberdeen City Council Internal Audit Report 2012/2013 for Aberdeen City Council May 2013 Business Continuity Business Impact Analysis arrangements Final Report Contents Section Page 1. Executive Summary
More informationDocument Details. 247Time Backup & Disaster Recovery Plan. Author: Document Tracking. Page 1 of 12
Document Details Title: Author: 247Time Backup & Disaster Recovery Plan Document Tracking Page 1 of 12 TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 OVERVIEW... 3 1.2 DEFINED REQUIREMENT... 3 2 DISASTER OVERVIEW...
More informationBusiness Continuity: Choosing the Right Technology Solution
Business Continuity: Choosing the Right Technology Solution Table of Contents Introduction 3 What are the Options? 3 How to Assess Solutions 6 What to Look for in a Solution 8 Final Thoughts 9 About Neverfail
More informationThe Difference Between Disaster Recovery and Business Continuance
The Difference Between Disaster Recovery and Business Continuance In high school geometry we learned that a square is a rectangle, but a rectangle is not a square. The same analogy applies to business
More informationPrimary Eyecare Cheshire Ltd: Business Continuity and Disaster Recovery Plan
Document name: Primary Eyecare Cheshire Ltd: Business Continuity and Disaster Recovery Plan Date created: January 2015 Author: LOCSU Approved by: Board of Directors on 26/01/2015 Primary Eyecare Cheshire
More informationExternal Supplier Control Requirements BCM
External Supplier Control Requirements BCM BCM Requirement Description BCM Tiers Recovery Time Objective Why this is important 1. Business Continuity Policy Supplier will have a documented Business Continuity
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Business Continuity Management Standard for IT Systems This standard is applicable to all VCU School of Medicine
More informationIntroduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT
INFORMATION SECURITY: UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT FACTSHEET This factsheet will introduce you to Business Continuity Management (BCM), which is a process developed to counteract systems
More informationDesigntech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013. Designtech Cloud-SaaS Hosting and Delivery Policy
Designtech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013 Page i Designtech Cloud-SaaS Hosting and Delivery Policy Designtech Cloud-SaaS Hosting and Delivery Policy, Version 1.0, 2013 Page ii
More informationINSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists
Preventing Data Loss INSIDE > Disaster Recovery Types and Categories > Disaster Recovery Site Types > Disaster Recovery Procedure Lists > Business Continuity Plan 1 Preventing Data Loss White Paper Overview
More informationIT Disaster Recovery Plan Template ABC PVT LTD
IT Disaster Recovery Plan Template ABC PVT LTD Primary site ABC Towers Bangalore India 560047 Secondary site ABC Towers Delhi India 110059 Aerial distance between sites 1800 KMS Inter-site connectivity
More informationBUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
More informationBusiness Continuity & Recovery Plan Summary
Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity
More informationBusiness Continuity & Recovery Plan Summary
Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity
More informationThe 5 Most Commonly Used Disaster Recovery Process
DR Risk Assessment White Paper This document provides an overview of Equilibrium s disaster recovery risk analysis and remediation methodology. This methodology was developed over a period of 10+ years
More informationa Disaster Recovery Plan
Construction of a Disaster Recovery Plan David Godwin, Sr. Sales Engineer March 18, 2014 Objectives Understand What Disaster Recovery is? Why is Disaster Recovery Needed? Effectively assist customers or
More informationClinic Business Continuity Plan Guidelines
Clinic Business Continuity Plan Guidelines Emergency notification contacts: Primary Role Name Address Home phone Mobile/Cell phone Business Continuity Plan Coordinator QSP Business Continuity Plan Coordinator
More informationDISASTER RECOVERY PLANNING GUIDE
DISASTER RECOVERY PLANNING GUIDE AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING FOR JD EDWARDS SOFTWARE CUSTOMERS www.wts.com WTS Disaster Recovery Planning Guide Page 1 Introduction This guide will provide
More informationIncident Manager. Notified. Major Incident? YES. Major Incident Declared. Initial Communication Drafted. MIH At A Glance. Major Incident Ended
www.majorhling.com www.braunsblog.com A Major Hling Plan Model Desk Manager Business Resolver Teams (BRT) Communications Step 1 Record / Event Recieved Step 2 Classify Refer as Potential Major Manager
More informationBUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF
BUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: GOVERNING BODY, 5 MARCH
More informationNHS 24 - Business Continuity Strategy
NHS 24 - Strategy Version: 0.3 Issue Date: 20/09/2005 Status: Issued for Board Approval Status: draft Page 1 of 13 Table of Contents 1 INTRODUCTION...3 2 PURPOSE...3 3 SCOPE...3 4 ASSUMPTIONS...4 5 BUSINESS
More informationSome companies never recover from a disaster related loss. A business that cannot operate will lose money, customers, credibility, and good will.
How Disaster Recovery Planning Can Be Leveraged For Electronic Discovery and Litigation Response Digital Discovery and e-evidence John Connell April 1. 2008 Hurricanes, floods, earthquakes, power outages,
More informationITIL V3 Intermediate Capability Stream:
ITIL V3 Intermediate Capability Stream: RELEASE CONTROL AND VALIDATION (RC&V) CERTIFICATE SCENARIO BOOKLET Scenario One A global commercial IT service provider has three service desks that support internal
More informationBusiness Continuity Planning in IT
Introduction: Business Continuity Planning in IT The more your business relies on its IT systems, the more you need to consider how unexpected disruptions might affect your business. These disruptions
More informationBusiness Continuity. Client Briefing
Business Continuity Client Briefing About this document This document describes Mediaocean s disaster recovery and business continuity policy. Mediaocean LLC. Mediaocean Systems Limited 2015 This manual
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationBusiness Continuity Plan
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
More informationSERVICE SCHEDULE INFRASTRUCTURE AND PLATFORM SERVICES
SERVICE SCHEDULE INFRASTRUCTURE AND PLATFORM SERVICES This Product Schedule Terms & Conditions is incorporated into a Services Agreement also comprising the General Terms and Conditions which the Customer
More informationIncident Communications
Incident Communications Prepared for Front Line Alerts Procedure group Prepared by Drew McConnell Information Officer IT Services University of Glasgow June 2007 Updated Jan 2011 Contents Summary...4 Background...5
More informationThe purpose of this white paper is to outline the 5 steps required to prepare small-to-medium businesses for these disasters.
Top 5 Steps to Disaster Preparedness for SMBs The news is filled with headlines of disasters everything from earthquakes, tsunamis and tornadoes, to computer viruses that threaten to shut down an entire
More informationRS Official Gazette, No 23/2013 and 113/2013
RS Official Gazette, No 23/2013 and 113/2013 Pursuant to Article 15, paragraph 1 and Article 63, paragraph 2 of the Law on the National Bank of Serbia (RS Official Gazette, Nos 72/2003, 55/2004, 85/2005
More informationBUSINESS CONTINUITY PLAN
Business Logo or Name here BUSINESS CONTINUITY PLAN FOR PERSONAL CARE PROVIDERS TEMPLATE PREPARED BY DEVON COUNTY COUNCIL EMERGENCY PLANNING SERVICE BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...
More informationBusiness Continuity Overview
Business Continuity Overview Beverley A. Retjos Senior Manager WW SWG Security & Controls 03/12/07 Business Continuity Management (BCM) Process of ensuring that a business is prepared to survive any disruption
More informationBUSINESS CONTINUITY PLAN
Business Logo or Name here BUSINESS CONTINUITY PLAN FOR RESIDENTIAL CARE HOMES PRODUCED BY DURHAM CIVIL CONTINGENCIES UNIT BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...4 2. AIM...4 3. BUSINESS
More informationDisaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support
Disaster Recovery Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support Categories of Risk Financial Operational Reputational Market share Revenue
More informationBusiness Continuity Management For Small to Medium-Sized Businesses
Business Continuity Management For Small to Medium-Sized Businesses Produced by NORMIT and Norfolk County Council Resilience Team For an electronic copy of this document visit www.normit.org Telephone
More informationProtecting Your Business
Protecting Your Business Business Continuity/Disaster Recovery Planning Robert Haberman Senior Product Manager BCP/DRP TELUS BUSINESS SOLUTIONS Business Continuity/Disaster Recovery Planning 1 Agenda:
More informationDisaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery
Disaster Recovery 1.1 Introduction Every day, there is the chance that some sort of business interruption, crisis, disaster, or emergency will occur. Anything that prevents access to key processes and
More informationDisaster Recovery and Business Continuity What Every Executive Needs to Know
Disaster Recovery and Business Continuity What Every Executive Needs to Know Bruce Campbell & Sandra Evans Contents Why you need DR and BC What constitutes a Disaster? The difference between disaster recovery
More informationBusiness Continuity and Disaster Recovery Planning from an Information Technology Perspective
Business Continuity and Disaster Recovery Planning from an Information Technology Perspective Presenter: David Bird, Director of Sales, Business Technology Consultant phone: 215-672-7100 email: dbird@quatro.com
More informationBlackboard Managed Hosting SM Disaster Recovery Planning Document
BLACKBOARD MANAGED HOSTING Blackboard Managed Hosting SM Disaster Recovery Planning Document Prepared By: MH Services Modified Date: March 2009 Revision: 1.8 1. OBJECTIVES... 3 2. SCOPE... 3 3. ASSUMPTIONS...
More informationDisaster Recovery (DR) Planning with the Cloud Desktop
with the Cloud Desktop info@os33.com (866) 796-0310 www.os33.com In preparing for the unexpected, most companies put specific disaster recovery plans in place. Without planning, recovering from a disaster
More informationWith 57% of small to medium-sized businesses (SMBs) having no formal disaster
Disaster Recovery For Business Owners Practical Guidance for a Critical Operation With 57% of small to medium-sized businesses (SMBs) having no formal disaster recovery plan (Symantec, 2011), and 52% believing
More informationServerCentral Business Continuity & Disaster Recovery Services
ServerCentral Business Continuity & Disaster Recovery Services SERVERCENTRAL BUSINESS CONTINUITY SERVICE & PROCESS INTRODUCTION At ServerCentral, Business Continuity and Disaster Recovery (BC/DR) refers
More informationMARQUIS DISASTER RECOVERY PLAN (DRP)
MARQUIS DISASTER RECOVERY PLAN (DRP) Disaster Recovery is an ongoing process to plan, develop, test and implement changes, processes and procedures supporting the recovery of the critical functions in
More informationTHE CASE FOR ACTIVE DATA ARCHIVING
THE CASE FOR ACTIVE DATA ARCHIVING Written by Ray Quattromini 3 rd September 2007 Contact details Tel: 01256 782030 / 08704 286 186 Fax: 08704 286 187 Email: sales@data-storage.co.uk Web: www.data-storage.co.uk
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationDisaster Recovery Planning for Health care Providers
E-Guide Disaster Recovery Planning for Health care Providers For hospitals, timely access to patient data is critical for maintaining normal operations during a natural or man-made disaster. This Eguide
More informationBest Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely
More informationTemple university. Auditing a business continuity management BCM. November, 2015
Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program
More informationUniversity of Liverpool
University of Liverpool Information Security Incident Response Policy Reference Number Title CSD-012 Information Security Incident Response Policy Version Number 1.2 Document Status Document Classification
More informationBUSINESS CONTINUITY PLANNING AT THE NATIONAL GALLERY OF AUSTRALIA. Erica Persak
BUSINESS CONTINUITY PLANNING AT THE NATIONAL GALLERY OF AUSTRALIA Erica Persak Thank you for giving me the opportunity to speak on behalf of the National Gallery on the subject of business continuity planning
More informationBusiness Continuity Plan Template
Business Continuity Plan Template Disclaimer This publication has been produced to provide a guide for people anticipating going into business and for business owners. It should not be regarded as an
More informationMaximumOnTM. Bringing High Availability to a New Level. Introducing the Comm100 Live Chat Patent Pending MaximumOn TM Technology
MaximumOnTM Bringing High Availability to a New Level Introducing the Comm100 Live Chat Patent Pending MaximumOn TM Technology Introduction While businesses have become increasingly dependent on computer-based
More informationBusiness Continuity Planning and Disaster Recovery Planning
4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business
More informationIntel Business Continuity Practices
Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business
More informationThe 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them
The 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them If your data is important to your business and you cannot afford to have your operations halted for days even weeks due to data loss or
More informationPAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More information