Adding Communications Network Support to Existing Disaster Recovery Plans Leo A. Wrobel
|
|
- Mabel Snow
- 8 years ago
- Views:
Transcription
1 Adding Communications Network Support to Existing Disaster Recovery Plans Leo A. Wrobel Payoff This article reviews the processes that must be documented in a recovery plan for a company's mission-critical communications networks. Policies and procedures help ensure network integrity and prevent disasters. The emphasis is on ensuring continuity between IS, facilities management, LAN management, and other departments, so that a plan can be executed flawlessly. Introduction A broad-based business recovery plan must address three critical components: physical space for employees, connection to data processing systems essential to the conduct of core business operations, and telecommunications facilities that turn these data processing systems into revenue generators for the company. There are several ways to dovetail communications systems into an organization's existing disaster recovery plan for its mainframe computer room. Phase 1: Business Risk Analysis What the Organization Needs to Protect and Why This first phase involves preliminary identification of mission-critical communications systems. It may be necessary to run a series of executives interviews within the company to identify core business systems as well as the communications systems that support those activities. Examples include inbound call centers, customer service lines, engineering or R departments, sales departments, and divisions involved in financial filings for the company. Management may need to be convinced that recovery planning for the communications network is an important and essential component of the overall business recovery plan. A helpful technique is to draft a white paper assessing the risks to the company and presenting them in nontechnical language that management can understand. To be most effective, a white paper to management should outline the big four areas in which communications systems disruptions cause a loss to the company. These include: Lost sales. Lost market share. Lost customer confidence. Loss of productivity. These are all things management can understand and subscribe to. Focusing on these issues will further the cause within the organization.
2 Phase 2: Updating Procedures The second phase of a successful communications systems recovery planning effort involves becoming up-to-date in disaster recovery planning methodologies for the network. IS may want to consider establishing some type of liaison with service providers geared around the disaster recovery effort. It is also time to talk to related departments within the organization, such as security personnel and facility management, which may already have disaster recovery plans that network support plans can be rolled into. Operating and Security Standards One of the most significant tasks in phase 2 is documenting a set of operating and security standards for communications systems. These standards are essentially the basic operating practices for the network, and they are designed for two reasons. The first reason is to ensure that disasters are prevented before they happen. Policies and procedures help maintain network integrity and prevent disasters. Standards that prevent disasters include policies on the management of combustibles - for example, no smoking policies, training in the use of fire extinguishers, and standards for change management when making software changes to mission-critical systems such as Private Branch exchange or multiplexers. The second reason is to ensure that the emergency procedures dovetail gracefully with the operational environment. By working together, related departments such as IS, computer operations, LAN management, facility management, and others can avoid the perception that they are trying to impose a solution on another department. This approach also ensures continuity between the departments. The following basic security standards should exist Equipment rooms lock and signin logs exist for people entering and leaving the area. PBX class-of-service indicators are backed up daily and stored off site, similar to procedures in the computer room. Passwords are changed frequently for dial-in maintenance access to critical multiplexers, PBXs, and voic systems. Trash is not permitted to accumulate in equipment room. There is a no smoking policy. Basic housekeeping procedures exist within the equipment room. If possible, the equipment room is located in an area other than the basement. Any water problems that develop anywhere within the building will ultimately end up in the basement. There are regular surveys of the cable routes between the organization and the local service provider. Infrared scanning equipment is used to pick up heat sources within computer or telecommunications rooms and thus help avert fire. Such equipment is available from fire protection contractors and other sources.
3 Power is separated from electrical cables. In addition to being a cause of noise and interference, electrical cables in telephone cable racks are also a safety hazard, sometimes leading to catastrophic fires. Fire-retardant cable is used in equipment rooms. In addition to the traditional Teflon cable that resists burning, there are also newer materials available, such as Halar, Kevlar, and Stolsis. Permanent Virtual Circuit, or polyvinylchloride cable, can burn and produce nauseous fumes. When water is poured on burning Permanent Virtual Circuit cable, it creates acid compounds that can rapidly destroy equipment. Emergency instructions are prominently posted in the PBXs room and adequate command and control exists to send messages rapidly should something go wrong. An additional checklist of standards is presented in Exhibit 1. Other standards are geared specifically toward the recovery process itself. For example, if emergency procedures call for a list of home telephone numbers for employees who need to be called back to work, something must be documented in the operational environment to ensure that list exists in the first place. Responsible people should also be assigned to keep the list up-to-date. Similar policies must be in place for equipment inventories, vendor callout lists, and other components of the emergency plan that rely on the standards to execute properly. Checklist of Communications Systems Standards * Password protection of remote maintenance port dial-in access, DISA, and DATA dial-in. * Fraud protection on DISA through use of caller ID, DISA, and other methods. * Smoking ban in effect in equipment room. * Separate power breakers for sensitive telecommunications equipment. * Instructions posted for human safety and for graceful equipment shutdown in equipment rooms. * Back-up power tested frequently. * Lightning protection where applicable. * Emergency lighting. * Equipment room: locked door, sign-in logs, posted emergency procedures. * Water pipes labeled, under-floor moisture detectors installed, plastic sheeting of drape equipment stored nearby. * Sign-off procedures for major equipment or software changes. * Policy of performing back-up before major telecommunications equipment changes. The last part of Phase 2 involves making long-term recommendations for the network. Because it is usually impossible to scrap equipment that is already installed, much of this equipment may have to be phased out over time to allow for disaster recovery plans. At minimum, specific recommendations on long-term network changes to be executed at an appropriate future date should be made. Phase 3: Documenting the Plan A solid, systematic set of disaster recovery procedures can be summed up using the seven R's of a successful recovery planning process. Recognition
4 If a night security guard sees water coming under the door of the equipment room, who does this guard notify, and how, precisely, would the emergency call be routed through an organization? Instructions should be displayed prominently within the room with callout numbers for key technologists who may have to respond immediately to a disaster. Procedures might exist, for example, whereby the director of facilities would call the director of technical services in such an event and request an on-site representative. The facilities department must know what steps to take for human safety, such as shutting off power if the equipment appears wet. These and dozens of other issues have to be addressed to ensure that everyone is called quickly and can respond as quickly as possible to any type of facility disaster affecting communications systems. Response Once key personnel have been called, what exactly are they needed to do when they arrive on site? One suggested approach is to immediately open a critical-events log. A critical-events log need not be more complicated than a small notebook or a handheld voice recorder. It is important, however, because many command decisions are going to be made in rapid succession and need to be tracked. This permanent record of command decisions will be useful later, either for assessing liability or for reassessing what went right and what went wrong in the recovery plan. The name of the game in the response phase is to arrive on-site, execute a successful callout of key personnel and vendors, and make a report to management within 90 minutes or some prespecified time of the disaster, explaining how serious the disaster is, whether it will involve other departments to recover, and providing some estimate of how long it will take to recover, as well as whether a companywide recovery plan should be activated because of the communications system disaster. Recovery Getting back to business as soon as possible is the objective. This recovery process should be documented to a level where it involves technical personnel, such as LAN or mainframe personnel, to execute the plan in the event communications personnel are unavailable to effect the recovery process or are injured in the disruption itself. It is important to note that recovery does not mean restoration of the original equipment; rather, it means restoration of the business process that the equipment provides, even if it is in some type of degraded mode. For example, a large department may have 50 telephones. In a disaster, the plan may be to provide only 25 telephones, but to add a second shift. Not everyone within the organization needs to work 8 to 5. This is why an understanding of the core business is so important to create a flexible and workable recovery plan. Telecommunications personnel will also have to be dispatched at this time to commercial computer recovery or business recovery centers to which the company subscribes. Restoral Close interdepartmental coordination is important during the restoral phase of a recovery process. For example, the communications systems manager has certain responsibilities for wiring, but a LAN manager has others, and the facility manager, responsible for electrical power, for example, has still others. These responsibilities should be carefully documented and delineated to ensure the correct type of wiring is installed. Return to Normal Operations
5 When the emergency is over, it is then time to tear down any emergency configuration and go back to business as usual. If the recovery center is stable and operating, and the revenue stream of the company is firmly established, all new configurations still must be adequately tested before migrating back to the original site. This includes documenting in the recovery plan what constitutes a successful test before going back to the original network configuration. Rest and Relax Needless to say, after responding to a disaster, employees will be tired and stressed out and probably at their wit's end. Therefore, it is important to schedule compensatory timeoff so the staff can get some rest after what could have been several days or weeks of 12-hour shifts. Regroup and Reassess After any execution of the communications systems recovery plan, whether it is a test or a full-blown recovery implementation, it is important to go back and reassess how effectively the procedures worked and make adjustments within the plan. This is part of the reason for the critical-events log during the recognition phase of the recovery effort. Adjustments that are made after tests or activation of the plan strengthen the plan in the long run, so that it can be expected to execute more flawlessly the next time. Other considerations in a successful communications systems recovery plan include: Defining a meeting place to coordinate recovery activity. This could be any suitable real estate located off-site. It should also be equipped with a small contention of telephones, fax machines, and supplies, and serve as the focal point for command and control for recovery activity. It may also house the emergency management team (EMT) that coordinates the overall disaster response. Defining an emergency management team of executives for communications systems disasters, and appropriate recovery teams for both the on-site and offsite recovery processes. Teams and their designed back-ups should be defined for: Dispatch to a recovery facility. Coordination of on-site recovery activities. Retrieval of off-site magnetic media. Administrative functions. Keeping employee callout lists and home telephone numbers current. The best way to do this is to import them, perhaps over a LAN, from known reliable sources, such as human resources. Establishing procedures for maintaining human life and safety when reentering damaged facilities. These would be procedures such as immediately shutting off power and other precautions before entering a damaged facility. Keeping an inventory of all equipment that will be required for the recovery process and all equipment installed on-site. One way of doing this is to establish a liaison with the accounting department. Whenever new equipment is purchased and accounting receives a copy of the contract for the equipment purchased, accounting could be asked to update a data base with such information as the equipment's serial number, software revision
6 number, date of purchase, and number of months the equipment is amortized. In a disaster, this list can be created quickly and used as the basis for fast command decisions on whether to scrap or attempt to save damaged equipment, depending on when it was purchased and what the original price was. Lastly, be sure the plan adequately defines the roles between communications systems personnel and those from other departments, such as LAN management, operations, and facilities, to ensure coordination during a recovery implementation. Procedures on where to get cash, how to arrange travel, and how to purchase new equipment, for example, may be documented already within the organization by one of these other groups; these procedures can be adopted in the communications systems plan. Conclusion This article has reviewed the processes that must be documented in a successful communications systems recovery plan. The most important component of the plan is its ability to bring various departments within the organization together to ensure a seamless recovery process and a flawless execution of a companywide recovery plan. Whether the disaster is confined to the communications systems (in which case IS must recover on its own) or is a companywide disaster (in which case the department becomes a supporting player), the level of detail in the recovery plan directly influences how well it executes and how well protected the assets of the company are. In short, a detailed communications systems recovery plan equates to a higher level of network services and greater peace of mind to the company. Author Biographies Leo A. Wrobel Leo A. Wrobel is president of Premier Network Services Inc., in Dallas.
1-01-80 Organizing for Disaster Recovery Leo A. Wrobel
1-01-80 Organizing for Disaster Recovery Leo A. Wrobel Payoff Consumed by daily network or computer operations, the IS technical staff often has little time for long-term planning pursuits such as disaster
More informationHow To Manage A Disaster Recovery Plan
5-04-26 Testing Disaster Recovery Plans Leo A. Wrobel Payoff The true test of a disaster recovery plan is whether it can uncover failure points. Companies should consistently tighten testing criteria and
More informationCOMPONENTS OF A SUCCESSFUL LAN DISASTER RECOVERY PLAN
COMPONENTS OF A SUCCESSFUL LAN DISASTER RECOVERY PLAN By Leo A. Wrobel Technologists often exhibit an unexpected response when asked by management to produce a disaster recovery plan for an automated system.
More information5-04-45 Operating Standards and Practices for LANs Leo Wrobel
5-04-45 Operating Standards and Practices for LANs Leo Wrobel Payoff Operating standards for LANs offer certain advantages for keeping expenses for procurement, maintenance, and support under control At
More informationDISASTER RECOVERY PLANNING FOR CLIENT/SERVER SYSTEMS
4-04-45 INFORMATION MANAGEMENT: STRATEGY, SYSTEMS, AND TECHNOLOGIES DISASTER RECOVERY PLANNING FOR CLIENT/SERVER SYSTEMS Leo A. Wrobel PROBLEMS ADDRESSED It is no secret that modes of operation in the
More informationIT Disaster Recovery Plan Template
HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned
More information<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP
IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement
More informationClovis Municipal School District Information Technology (IT) Disaster Recovery Plan
Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan Revision History REVISION DATE NAME DESCRIPTION Draft 1.0 Eric Wimbish IT Backup Disaster Table of Contents Information
More informationOffsite Disaster Recovery Plan
1 Offsite Disaster Recovery Plan Offsite Disaster Recovery Plan Presented By: Natan Verkhovsky President Disty Portal Inc. 2 Offsite Disaster Recovery Plan Introduction This document is a comprehensive
More informationDISASTER RECOVERY PLAN
DISASTER RECOVERY PLAN Section 1. Goals of a Disaster Recovery Plan The major goals of a disaster recovery plan are: To minimize interruptions to normal operations. To limit the extent of disruption and
More informationThe Commonwealth of Massachusetts
A. JOSEPH DeNUCCI AUDITOR The Commonwealth of Massachusetts AUDITOR OF THE COMMONWEALTH ONE ASHBURTON PLACE, ROOM 1819 BOSTON, MASSACHUSETTS 02108 TEL. (617) 727-6200 No. 2008-1308-4T OFFICE OF THE STATE
More informationDisaster Recovery Plan
Disaster Recovery Plan This guide sets forth items to consider in the review of the firm s disaster recovery plan. You should form a committee to assess the plan and should assign activities under the
More informationFLA S FIRE SAFETY INITIATIVE
Improving Workers Lives Worldwide FLA S FIRE SAFETY INITIATIVE Preventing fires and saving lives by empowering workers and factory managers SCENARIO 1 OCCURS AT FACTORY ABC, WHICH HAS NOT IMPLEMENTED NECESSARY
More informationDISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0
DISASTER RECOVERY Omniture Disaster Plan June 2, 2008 Version 2.0 CHAPTER 1 1 Disaster Recovery Plan Overview In the event that one of our data collection environments are unavailable due to an event,
More informationHow to Build a Disaster Recovery Plan
How to Build a Disaster Recovery Plan Best Practices, Templates & Tools E-BOOK EXECUTIVE SUMMARY How do you start building a DR plan? While there are lots of tools from vendors, it s hard to find a practical
More informationBusiness Continuity Planning (BCP) / Disaster Recovery (DR)
Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made
More informationOFFICE OF THE STATE AUDITOR General Controls Review Questionnaire
OFFICE OF THE STATE AUDITOR Agency: * University Please answer all of the following questions. Where we ask for copies of policies and procedures and other documentation, we would prefer this in electronic
More informationAuditing in an Automated Environment: Appendix C: Computer Operations
Agency Prepared By Initials Date Reviewed By Audit Program - Computer Operations W/P Ref Page 1 of 1 Procedures Initials Date Reference/Comments OBJECTIVE - To document the review of the computer operations
More informationPAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA
Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationMARULENG LOCAL MUNICIPALITY
MARULENG LOCAL MUNICIPALITY Data Centre Physical Access and Environmental Control Policy Draft: Data Centre Access Control and Environmental Policy Page 1 Version Control Version Date Author(s) Details
More informationDisaster Recovery Plan Documentation for Agencies Instructions
California Office of Information Security Disaster Recovery Plan Documentation for Agencies Instructions () November 2009 SCOPE AND PURPOSE The requirements included in this document are applicable to
More informationBNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN
BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN INTRODUCTION The need for a contingency plan for business interruptions is vital to the operations of the BNA Federal Credit Union. Without such a plan,
More informationDETAIL AUDIT PROGRAM Information Systems General Controls Review
Contributed 4/23/99 by Steve_Parker/TBE/Teledyne@teledyne.com DETAIL AUDIT PROGRAM Information Systems General Controls Review 1.0 Introduction The objectives of this audit are to review policies, procedures,
More informationDisaster Recovery Plan Checklist
Disaster Recovery Plan Checklist Your guide for setting up or updating a Disaster Recovery Plan for your business. ArcSource Disaster Recovery Plan Checklist 1. Compile Your Internal Contacts Information
More informationTodd & Cue Ltd Your Business Continuity Partner
Todd & Cue Ltd Your Business Continuity Partner Preparation and Planning We provide strategies, tools and resources to help you prepare for a business interruption whether it is caused by fire, water,
More informationWhich Backup Option is Best?
Which Backup Option is Best? Which Backup Option is Best? Why Protect Your Data? Data loss disasters happen more frequently than you would think, for many different reasons: Human error and accidental
More informationNEW WEB BROWSER-BASED APPLIANCE ADDS TO DATA CENTER SECURITY
CASE STUDY Standby Generation for Data Centers NEW WEB BROWSER-BASED APPLIANCE ADDS TO DATA CENTER SECURITY Taking the Next Step to Protect Critical Data If you live or work there, you understand that
More informationIT - General Controls Questionnaire
IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow
More informationCommunication systems must be readily available, reliable and properly maintained to support an emergency or disaster.
Approved By: Dr. Mark Peters, President & CEO, 2/07 POLICY: Communication systems must be readily available, reliable and properly maintained to support an emergency or disaster. PROCEDURE: 1. Phone System:
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationContact us for a free consultation today! 630-936-4045 officemove@aie195.com
IT Relocation Schedule Moving offices? Often, relocating your IT infrastructure can be one of the most daunting aspects of the move, and it s also the most critical to business continuity. Servers, PCs,
More informationDraft ICT Disaster Recovery Plan
Draft ICT Disaster Recovery Plan Version 3.0 Draft Date June 2014 Status Draft Approved By: Table of Contents 1.0 Introduction...3 1.1 Objectives of the Disaster Recovery Policy/plan... 3 2. 0 Disaster
More informationFlood Preparedness Checklist
Appendix A: Preparedness Checklists 1 Flood Preparedness Checklist The following checklist will help you prepare for how a flood could impact your business and your business continuity and disaster recovery
More informationOIG. Improvements Are Needed for Information Technology Controls at the Las Vegas Finance Center. Audit Report OFFICE OF INSPECTOR GENERAL
OIG OFFICE OF INSPECTOR GENERAL Catalyst for Improving the Environment Audit Report Improvements Are Needed for Information Technology Controls at the Las Vegas Finance Center Report No. 2003-P-00011 May
More informationISO IEC 27002 2005 (17799 2005) INFORMATION SECURITY AUDIT TOOL
9.1 USE SECURITY AREAS TO PROTECT FACILITIES 1 GOAL Do you use physical methods to prevent unauthorized access to your organization s information and premises? 2 GOAL Do you use physical methods to prevent
More information85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff
85-01-55 Overview of Business Continuity Planning Sally Meglathery Payoff Because a business continuity plan affects all functional units within the organization, each functional unit must participate
More informationU.S. SECURITIES & EXCHANGE COMMISSION
PBX and Analog Lines Security Assessment U.S. SECURITIES & EXCHANGE COMMISSION March 31, 2000 Prepared by Deloitte & Touche LLP Enterprise Risk Services - 1 - 1 Executive Summary 1.1 Overview Deloitte
More informationSPRINT MANAGED SECURITY SERVICES PRODUCT ANNEX
SPRINT MANAGED SECURITY SERVICES PRODUCT ANNEX The following terms and conditions, together with the Sprint Master or Custom Services Agreement or Domestic Sprint Services Sales Application Form ("Agreement"),
More informationBUSINESS CONTINUITY PLAN OVERVIEW
BUSINESS CONTINUITY PLAN OVERVIEW INTRODUCTION The purpose of this document is to provide Loomis customers with an overview of the company s Business Continuity Plan (BCP). Because of the specific and
More informationThe terms hazard and risk are often used, which we define as the following:
Fire Safety Last updated in October 2010 This information sheet aims to give safety reps a basic understanding of fire safety and fire risk assessments under the current law. More detailed information
More informationE9-1-1 SOLUTIONS OVERVIEW. Enabling Superior Management of 9-1-1 Calls
SM E9-1-1 SOLUTIONS OVERVIEW Enabling Superior Management of 9-1-1 Calls ENABLING SUPERIOR MANAGEMENT OF 9-1-1 CALLS SAFETY IS YOUR RESPONSIBILITY. ENHANCED 9-1-1 IS OUR BUSINESS. Providing a safe and
More informationContract # 04-06. Accepted on: March 29, 2005. Starling Systems. 711 S. Capitol Way, Suite 301 Olympia, WA 98501
Disaster Recovery Plan Starling Systems Deliverable #15 - Draft I Contract # 04-06 Accepted on: March 29, 2005 Starling Systems 711 S. Capitol Way, Suite 301 Olympia, WA 98501 DISASTER RECOVERY PLAN TABLE
More informationTechnology Recovery Plan Instructions
State of California California Information Security Office Technology Recovery Plan Instructions SIMM 5325-A (Formerly SIMM 65A) September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF
More informationAPPENDIX 7. ICT Disaster Recovery Plan
APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 15 th October 2013 Signed: Chair of Governors Date: Ratified: Oct 2013 Review: Sep
More informationGAO INFORMATION SECURITY. Weak Controls Place Interior s Financial and Other Data at Risk. Report to the Secretary of the Interior
GAO United States General Accounting Office Report to the Secretary of the Interior July 2001 INFORMATION SECURITY Weak Controls Place Interior s Financial and Other Data at Risk GAO-01-615 United States
More informationOffice of Inspector General
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General INFORMATION TECHNOLOGY: Final Obstacles Removed To Eliminate Customs Disaster Recovery Material Weakness Office of Information Technology OIG-IT-03-01
More informationThe Practice of Internal Controls. Cornell Municipal Clerks School July 16, 2014
The Practice of Internal Controls Cornell Municipal Clerks School July 16, 2014 Page 1 July 18, 2014 Cash Receipts (Collection procedures) Centralize cash collections within a department or for the local
More informationBusiness Continuity Planning (BCP) / Disaster Recovery (DR)
Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made
More informationMolecular Collections Disaster Planning Checklist
Molecular Collections Disaster Planning Checklist This checklist is intended as an addition to standard checklists for disaster planning in natural history collections; many of the basic requirements of
More informationBusiness Continuity Requires the Best Cloud Storage Options
Requires the Best Cloud Storage Options www.gr e xo.co m Requires the Best Cloud Storage Options Only about 38% of small to medium sized businesses have an IT business continuity plan in place. If you
More informationFacilitated By: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services
Facilitated By: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services 1 Today s Agenda Structure of Today s Discussion Set Objectives General overview of DR/BCP Exercise Assumptions Scenarios
More informationCloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Cloud Computing Chapter 10 Disaster Recovery and Business Continuity and the Cloud Learning Objectives Define and describe business continuity. Define and describe disaster recovery. Describe the benefits
More informationPrecautions (Annexes 1 + 2) < Deployment of the resources of the Heritage Protection Service > < Specialists >
FEDERAL OFFICE FOR CIVIL PROTECTION June 1999 PROTECTION FOR HISTORIC ITEMS AT TIMES OF DISASTER Hazard Analysis Precautions (Annexes 1 + 2) Emergency action (Annex 3) Restoration / Reconstruction Identify
More informationMCR Checklist for Automated Information Systems (Major Applications and General Support Systems)
MCR Checklist for Automated Information Systems (Major Applications and General Support Systems) Name of GSS or MA being reviewed: Region/Office of GSS or MA being reviewed: System Owner: System Manager:
More information5-04-20 Business Recovery Planning for Communications Leo A. Wrobel
5-04-20 Business Recovery Planning for Communications Leo A. Wrobel Payoff Most businesses depend on their telephone networks to keep customer communications open. Lost service spells lost revenue. This
More informationDisaster Recovery: Protect Your Business & Prepare Your Digital Prepress Operations
Eastman Kodak Company 343 State Street Rochester, NY 14650-0238 USA Revision date: March 2014 White Paper Contact Name Robyn Lundstrom PSSG Specialist, KODAK Unified Workflow Solutions robyn.lundstrom@kodak.com
More informationHURRICANE PLAN CAN HELP BUSINESSES WEATHER A STORM. By Gerald Dunlop USA Small Business Development Center
CAN HELP BUSINESSES WEATHER A STORM By Gerald Dunlop USA Small Business Development Center If we learned anything from Katrina, it is the importance of planning and what can result from the lack of it.
More informationMARQUIS DISASTER RECOVERY PLAN (DRP)
MARQUIS DISASTER RECOVERY PLAN (DRP) Disaster Recovery is an ongoing process to plan, develop, test and implement changes, processes and procedures supporting the recovery of the critical functions in
More informationVoice Mail. Objectives. When you finish this module, you will be able to:
Voice Mail 23 Objectives When you finish this module, you will be able to: Verify that the Embedded Voice Mail (EVM) application can record and play messages. Check the EVM health. Maintain the EVM system.
More informationAljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: June 16, 2009
Business Continuity & Disaster Recovery Plan Last Updated: June 16, 2009 Business Continuity & Disaster Recovery Plan Page 2 of 6 Table of Contents Introduction... 3 Business Continuity... 3 Employee Structure...
More informationThe Commonwealth of Massachusetts
The Commonwealth of Massachusetts AUDITOR OF THE COMMONWEALTH ONE ASHBURTON PLACE, ROOM 1819 Boston, MASSACHUSETTS 02108 TEL. (617) 727-6200 A. JOSEPH DeNUCCI AUDITOR No. 2008-0243-4T OFFICE OF THE STATE
More informationPreparing Your Business for a Flood
CHECKLISTS Before a Flood Stay in touch with what s happening and listen for warnings and advisories through the media or through local community messaging. A flood watch means flooding is possible. A
More informationLocal Government Cyber Security:
Local Government Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Elected Officials Administrative Officials Business Managers Multi-State Information Sharing and
More informationSAMPLE IT CONTINGENCY PLAN FORMAT
SAMPLE IT CONTINGENCY PLAN FORMAT This sample format provides a template for preparing an information technology (IT) contingency plan. The template is intended to be used as a guide, and the Contingency
More informationOffice Voice User Guide. User Guide
Office Voice User Guide User Guide Contents Anonymous Call Rejection 3 Call Block 3 Call Forward 4 Call Return 5 Call Waiting 5 Caller ID 6 Do Not Disturb 7 Find Me 7 Last Number Redial 8 Selective Call
More informationContinuity of Operations in the Clinical Laboratory
Continuity of Operations in the Clinical Laboratory Nathan Kendrick, MS, M(ASCP) State Training Coordinator Emergency Preparedness & Response Unit Paula M. (Snippes) Vagnone, MT(ASCP) Microbiology Supervisor
More informationB U S I N E S S C O N T I N U I T Y P L A N
B U S I N E S S C O N T I N U I T Y P L A N 1 Last Review / Update: December 9, 2015 Table of Contents Purpose...3 Background...3 Books and Records Back-up and Recovery...4 Mission Critical Systems...
More informationGetting Your Practice Ahead
Volume 4: Data Backup Essentials For Physicians Edited By : Vinod Venugopal Disclaimer: The following document was created for free distribution by Technical Doctor Inc. The document contains reference
More informationHOW TO CREATE A VITAL RECORDS PROTECTION PLAN. New York State Unified Court System Division of Court Operations Office of Records Management
HOW TO CREATE A VITAL RECORDS PROTECTION PLAN New York State Unified Court System Division of Court Operations Office of Records Management June 2003 TABLE OF CONTENTS Purpose of a Vital Records Protection
More informationRockwell Financial Group Business Continuity Plan. Emergency Contact Persons Rockwell Financial Group has two emergency contact persons:
Rockwell Financial Group Business Continuity Plan Emergency Contact Persons Rockwell Financial Group has two emergency contact persons: Michael Halkitis, President/ Finop Primary Contact Information: Phone
More informationREVIEWED ICT DATA CENTRE PHYSICAL ACCESS AND ENVIROMENTAL CONTROL POLICY
LI_M_POPO PROVINCIAL GOVERNMENT :;:ED.JBl-C ()F SO"';-H AFR;IC. ':.,. DEPARTMENT OF CO-OPERATIVE GOVERNANCE, HUMAN SETTLEMENTS & TRADITIONAL AFFAIRS REVIEWED ICT DATA CENTRE PHYSICAL ACCESS AND ENVIROMENTAL
More informationISO27001 Controls and Objectives
Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the
More informationFORM 20A.9 SAMPLE AUDIT PROGRAM FOR TESTING IT CONTROLS. Date(s) Completed. Workpaper Reference
FORM 20A.9 SAMPLE AUDIT PROGRAM FOR TESTING IT CONTROLS Workpaper Reference Date(s) Completed Organization and Staffing procedures used to define the organization of the IT Department. 2. Review the organization
More informationSecure, Remote Access for IT Infrastructure Management
Infrastructure Management & Monitoring for Business-Critical Continuity TM Secure, Remote Access for IT Infrastructure Management ACS Advanced Console Server Secure, Remote Access for IT Infrastructure
More informationVital Statistics audit of the Birth and Death Certificate Imaging System
OFFICE OF THE CITY AUDITOR AUDIT OF THE VITAL STATISTICS BIRTH AND DEATH CERTIFICATE IMAGING SYSTEM Paul T. Garner Assistant City Auditor Prepared by: Tony Aguilar, CISA Sr. IT Auditor Bill Steer, CPA,
More informationAvailability and Disaster Recovery: Basic Principles
Availability and Disaster Recovery: Basic Principles by Chuck Petch, WVS Senior Technical Writer At first glance availability and recovery may seem like opposites. Availability involves designing computer
More informationDigiDial- VoIP SSMM Service Overview No Boundaries outside the box of traditional telephony P er ver OecioV
DigiDial-VoIP is a business-grade Voice over IP service that is hosted on DigiLink s IP network and provides a robust, low-cost enterprise voice solution, replacing costly PBX or Centrex service with the
More informationA Best Practices Point of View from. Data Backup and Disaster Recovery Planning
A Best Practices Point of View from Data Backup and Disaster Recovery Planning Security Protect Your Data Expertise Support Patient Privacy Business Continuity Plan and Restore Peace of Mind Backup and
More informationsecure Agent Secure Enterprise Solutions Remote Recovery from a Data Center Outage SecureAgent Software www.secureagent.com
secure Agent Secure Enterprise Solutions SecureAgent Software Disaster Recovery Remote Recovery from a Data Center Outage SecureAgent Software 2448 E. 81 st St., Ste. 2000 Tulsa OK 74137-4271 USA Tel:
More informationAudit, Finance and Legislative Committee Mayor Craig Lowe, Chair Mayor-Commissioner Pro Tem Thomas Hawkins, Member
City of Gainesville Inter-Office Communication April 3, 2012 TO: FROM: SUBJECT: Audit, Finance and Legislative Committee Mayor Craig Lowe, Chair Mayor-Commissioner Pro Tem Thomas Hawkins, Member Brent
More informationMemorandum. ACTION: Report on Computer Security Controls of Financial Management System, FTA FE-2000-098. May 23, 2000.
U.S. Department of Transportation Office of the Secretary of Transportation Office of Inspector General Memorandum ACTION: Report on Computer Security Controls of Financial Management System, FTA FE-2000-098
More informationISO 27001 Controls and Objectives
ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements
More informationCHEEKTOWAGA CENTRAL SCHOOL DISTRICT TECHNOLOGY SERVICES DISASTER RECOVERY PLAN. Rev. 3/15/2012
CHEEKTOWAGA CENTRAL SCHOOL DISTRICT TECHNOLOGY SERVICES DISASTER RECOVERY PLAN Rev. 3/15/2012 TABLE OF CONTENTS PART I. INTRODUCTION INTRODUCTION PLAN DISTRIBUTION PART II. DESIGN OF THE PLAN OVERVIEW
More informationAPPENDIX 7. ICT Disaster Recovery Plan
APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 20 th October 2015 Signed: Chair of Governors Date: Version Authorisation Approval
More informationbusiness continuity plan for:
business continuity plan for: Insert your company name here Our statement of Business Continuity is: > To ensure all employees are competent to do their tasks, and to provide adequate training > To review
More informationInformation Technology General Controls Review (ITGC) Audit Program Prepared by:
Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the
More informationDisaster recovery planning.
Disaster recovery planning. Disaster recovery planning is the creation of a process to follow in the event of a disaster. The development and the maintenance of a disaster recovery plan isn t something
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationMEDIAROOM. Products Hosting Infrastructure Documentation. Introduction. Hosting Facility Overview
MEDIAROOM Products Hosting Infrastructure Documentation Introduction The purpose of this document is to provide an overview of the hosting infrastructure used for our line of hosted Web products and provide
More informationDocumentation for data centre migrations
Documentation for data centre migrations Data centre migrations are part of the normal life cycle of a typical enterprise. As organisations expand, many reach a point where maintaining multiple, distributed
More informationvisit us on the web at: www.strategicsecuritycorp.com
CAMERAS & ALARMS Closed Circuit Television (CCTV) / SMART Home Structured Wiring & Systems Commercial and Residential Alarm Systems / Central Monitoring Integrated Access Control Systems (Proximity Cards,
More informationNETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.
NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. Your Credit Union information is irreplaceable. Data loss can result
More informationDISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS
Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble
More informationHow To Back Up Your Computer With A Hard Drive On A Usb Or Usb 2 (For Small Businesses)
The Real Cost of Do-It-Yourself Backups and Why Online Backup is Better This white paper discloses the real costs to a small business for performing proper data backups in-house using portable hard drives,
More informationAppendix E: DEM Record Recovery Plan. From DEM Records Management Policy: A Report of the Records Management Policy Working Group, June 9, 2003.
Appendix E: DEM Record Recovery Plan From DEM Records Management Policy: A Report of the Records Management Policy Working Group, June 9, 2003. Appendix H - Elements of a Record Recovery Plan This material
More informationHow To Set Up An Ip Trunk For A Business
Charter Business : White paper SIP Trunking: A new voice in communications service WHITE PAPER With the rise of next-generation technology, business customers have more options than ever from providers
More informationClinic Business Continuity Plan Guidelines
Clinic Business Continuity Plan Guidelines Emergency notification contacts: Primary Role Name Address Home phone Mobile/Cell phone Business Continuity Plan Coordinator QSP Business Continuity Plan Coordinator
More informationPAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA
1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand
More informationTiburon Master Support Agreement Exhibit 6 Back Up Schedule & Procedures. General Notes on Backups
General Notes on Backups This document describes the procedures to backup the minimum set of files required to recover application and/or data files in the event of a hardware failure or data loss. These
More informationCase Study: Hospital Contact Center Solution
Case Study: Hospital Contact Center Cost justify contact center solution and assess/recommend the best contact center technology Large multi site orthopedic hospital InTech added value by doing not just
More information