Disaster Recovery, Business Continuity & Other Lessons Learned



Similar documents
Business Continuity & Disaster Recovery

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper

Department of Information Technology Data Center Disaster Recovery Audit Report Final Report. September 2006

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

BUSINESS CONTINUITY PLANNING

Regulatory Requirements for Disaster Recovery/Business Continuity Programs

Why Should Companies Take a Closer Look at Business Continuity Planning?

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

Offer in Compromise (Doubt as to Liability)

PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA

IT Service Continuity Management PinkVERIFY

GAO. Year 2000 Computing Crisis: Business Continuity and Contingency Planning

Disaster Recovery and Business Continuity Plan

Disaster Recovery Plan Review Checklist. A High-Level Internal Planning Tool to Assist State Agencies with Their Disaster Recovery Plans

15 Organisation/ICT/02/01/15 Back- up

Ms. Debbie Davenport Auditor General Office of the Auditor General 2910 North 44 th Street, Suite 410 Phoenix, Arizona Dear Ms.

Documentation. Disclaimer

Business Continuity Plan

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) Fax: (718)

Vendor Management. Outsourcing Technology Services

Business Continuity Planning and Disaster Recovery Planning. Ed Crowley IAM/IEM

Security Architecture. Title Disaster Planning Procedures for Information Technology

I.T. Disaster Recovery Plan

Business Continuity Planning Preparing Your Organization

Best Practices in Disaster Recovery Planning and Testing

[INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN

Business Continuity Plan

Business Continuity Planning and Disaster Recovery Planning

JANSSEN PARTNERS, INC. Business Continuity Plan (BCP)

MULTI-AGENCY EMERGENCY PREPAREDNESS AT SELECTED STATE AGENCIES. Report 2007-S-29 OFFICE OF THE NEW YORK STATE COMPTROLLER

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

UNIVERSITY INFORMATION TECHNOLOGY SERVICES (UITS) & INFORMATION WAREHOUSE FUNCTIONAL ANNEX 13

OCR Reports on the Enforcement. Learning Objectives 4/1/2013. HIPAA Compliance/Enforcement (As of December 31, 2012) HCCA Compliance Institute

OCR Reports on the Enforcement. Learning Objectives

BCP and DR Plan With NAS Solution

Module 5 Introduction to Processes and Controls

PPSADOPTED: OCT BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

Business Continuity Planning and Disaster Recovery Planning

Business Unit CONTINGENCY PLAN

Software Asset Management on System z

Technology Recovery Plan Instructions

An Archive Audit to Support Disaster Recovery

Backup Policy (ITP004) Information Technology Services Department

Core Solutions of Microsoft Exchange Server 2013 MOC 20341

IT Contingency Planning: IT Disaster Recovery Planning

CONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT

Western Intergovernmental Audit Forum

SecureVest Financial Group, Inc. Argentis Advisors Business Continuity Plan (BCP)

MICHIGAN AUDIT REPORT OFFICE OF THE AUDITOR GENERAL THOMAS H. MCTAVISH, C.P.A. AUDITOR GENERAL

Hanh Do, Director, Information System Audit Division, GAA. SUBJECT: Review of HUD s Information Technology Contingency Planning and Preparedness

The Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)

SAAS MADE EASY: SERVICE LEVEL AGREEMENT

CISM Certified Information Security Manager

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

Hong Kong Baptist University

Continuity of Operations Planning. A step by step guide for business

Tailored Technologies LLC

Call: Disaster Recovery/Business Continuity (DR/BC) Services From VirtuousIT

MS 20341B: Core Solutions of Microsoft Exchange Server 2013

The Requirements Compliance Matrix columns are defined as follows:

Mazzone & Associates, Inc.

Overview of how to test a. Business Continuity Plan

ICT Business Continuity & Disaster Recovery for Local Authorities. White Paper

Core Solutions of Microsoft Exchange Server 2013 Course 20341A; 5 Days

Trends in Managed Services in Tax Administration

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

IT Sr. Systems Administrator

June 2008 Report No An Audit Report on The Department of Information Resources and the Consolidation of the State s Data Centers

TSM Backup Service. Standard Service Level Agreement

ABOUT THIS COURSE AT COURSE COMPLETION PREREQUISITES COURSE OUTLINE. Core Solutions of Microsoft Exchange Server 2013 Duration : 5 days

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS

Creating a Business Continuity Plan

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E (mobile)

Disaster Prevention and Recovery for School System Technology

Contingency Plan for HIPAA

GWM GROUP INC Business Continuity Plan (BCP)

Business Continuity Planning for Schools, Departments & Support Units

Transcription:

Disaster Recovery, Business Continuity & Other Lessons Learned FTA Annual Conference Nashville, Tennessee Bob Tangorre Nonie Manion New York State Tax & Finance

September 11-A Different Type of Disaster Previous Planning Mainframe Computer System Recovery Hot Site Services Contract Provides out of town location to reestablish IBM and Unisys mainframes Reconnects our networks Tested twice a year Off Site Data Storage Critical application programs and operating systems Backup tapes of key mainframe systems data Backup tapes of return images

September 11-A Different Type of Disaster Other Plans We Had Y2K computer systems recovery plans Y2K business recovery plans Call Center distributed to multiple locations Employee contact database Gartner: The 11 September 2001 terrorist attacks are different in their human and enterprise operational impact from previous disasters.

September 11-A Different Type of Disaster What was different: We never expected to have to deal with loss of life for Department employees Loss of large numbers of original business records & the taxpayers lost their records as well Delays in mail Chase Water St. location Anthrax scares Magnitude of the event Call Center operations Donations tracking WTC Relief Fund Tax Relief Revenue Impacts

Things We Discovered We had no backup plans for works in progress related to our vital business records We had no centralized process for backing up our field offices servers While we had business continuity plans for Y2K, they were specific to Y2K, not generic

What We re Doing About it Business Continuity Planning Business Records Imaging Project Distributed Systems Disaster Recovery/Business Continuity Study

Business Continuity Planning Must be supported throughout the agency, not just an IT plan. Determine what the core businesses are Vision An agency that provides a fair system of tax administration, is accessible and responsive to taxpayers, and contributes to a favorable economic climate. Mission Collect tax revenue and provide associated services in support of government services in New York State. Key Service Areas Processing Services - Facilitating voluntary compliance; receiving and recording tax returns, documents and remittances; issuing refunds; and distributing funds to State and local governments. Compliance/Enforcement Services - Identifying and addressing errors, non-filers, and civil and criminal violators of the tax system. This is done through audit, investigation, collection, and dispute resolution activities. Identify what resources (IT, people, special equipment or tools) are needed to provide business continuity, disaster recovery, business recovery and business resumption plans.

Steps to Develop a Business Contingency Plan Establish a Business Contingency Planning Team (executive mgt) Identify core businesses (Line of Business Managers and executive mgt) Develop Business Continuity, Disaster Recovery, Business Recovery and Business Resumption Plans (Business units, IT and Business Contingency Planning Team)

Steps to Develop a Business Contingency Plan Identify key staff responsible for each plan with alternates, establish a contact database (sheet) and phone tree (Human Resources and Business Contingency Planning Team) Establish alternate decision-making hierarchy (Executive Staff)

Steps to Develop a Business Contingency Plan Establish a personnel awareness program (Human Resources and Contingency Planning Team) Determine alternate methods of communication (Contingency Planning Team) Set up a toll free number that employees can call in on for updates Test your plan once or twice a year Long Term, build Business Contingency Planning into all of your systems, operations and facility planning

Business Records Imaging Project Image vital business records as they are received at the district office Associate the image with an electronic case folder

Business Records Imaging Project Back up and store the image/electronic case folder centrally Reduce dependence on paper tax returns Image all returns received during data capture process Provide workflow tools to integrate, retrieve and use images more effectively in the work units

Distributed Systems Disaster Recovery/Business Continuity Study Hired an outside consultant to do a Disaster Recovery/Business Continuity study Identified the financial impact to the State (our core business is collecting tax revenue) of 20 day outages for critical processes

Distributed Systems Disaster Recovery/Business Continuity Study Developing a risk mitigation plan Prioritizing critical components Identifying options for mitigating risk of failure of those components Identifying operational alternatives Identifying funding sources

Disaster Recovery, Business Continuity & Other Lessons Learned Questions? What are you doing?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information